CP 443-1 Advanced Siemens
Область применения
The CP 443-1 Advanced is used to connect the SIMATIC S7-400 to Industrial Ethernet networks. With its own processor, it relieves the CPU of communication tasks and facilitates additional connections.
The CP 443-1 Advanced provides the following communication options:
- PGs/PCs
- Master computers
- HMI systems
- SIMATIC S5/S7/C7 systems
- PROFINET I/O devices
- PROFINET CBA components
All the devices of an Ethernet network can be protected from unauthorized access. The CP 443-1 Advanced allows safe remote access over the Internet and allows data transfer between devices or network segments to be protected from data manipulation/espionage.
PROFINET CBA components and security functionalities can be used as an alternative.
Secure VPN communication between SCALANCE S, SOFTNET Security Client and components with Security Integrated
Обзор
Communications processor for connecting a SIMATIC S7-400 to Industrial Ethernet networks, also as PROFINET IO controller or in SIMATIC H systems.
The CP supports:
- PG/OP communication
- S7 communication
- Open communication (SEND/RECEIVE)
- PROFINET communication
- IT communication
- Security functionality, firewall and VPN
The communications processor can also be used for redundant S7 communication in SIMATIC H systems and for fail-safe applications (PROFIsafe) in connection with an S7-400 F-CPU. In addition, the CP 443-1 Advanced provides e-mail functions and user-created Web pages, offering ideal support for maintenance and quality assurance. The Internet functions such as FTP even allow connection to the most diverse PC-based systems. This CP is therefore the bridge between the field level and the management level for the S7-400. The CP 443-1 Advanced connects seamlessly to the security structures of the office and IT worlds.
Дизайн
The CP 443-1 Advanced offers all the advantages of SIMATIC S7-400 system design:
- Compact design:
- Five RJ45 jacks for connecting to Industrial Ethernet via two independent interfaces; one of which is a security socket for externally safeguarding the network cell; automatic data rate detection by means of the autosensing and autocross function; the connection is made via the IE FC RJ45 Plug 180 with 180° cable outlet or via a standard patch cable
- Diagnostics LEDs for indicating the operational and communication status
- Simple installation;
the CP 443-1 Advanced is mounted on the S7-400 rack and connected to other modules by means of the backplane bus. There are no slot rules. - The CP 443-1 Advanced can be operated without a fan.
- In combination with IM 460/461, the CP 443-1 Advanced can also be used in an expansion rack (ER).
- The module can be replaced without the need for a programming device
- C-PLUG (configuration plug) is included in scope of delivery as a swap medium (cannot be operated without C-PLUG).
Функции
- Two separate interfaces (integrated network separation):
- Gigabit interface with one RJ45 port with 10/100/1 000 Mbps, full/half-duplex with auto-sensing capability
- PROFINET interface with four RJ45 ports with 10/100 Mbps full/half duplex with autosensing and autocrossover functionality via integrated 4-port switch
- Communication services via both interfaces:
- Open communication (TCP/IP and UDP):
Multicast with UDP, including routing between both interfaces - PG/OP communication: Inter-network with S7 routing
- S7 communication (client, server, multiplexing) including routing between both interfaces
- S7 H communication for S7-400 H systems, now also across network boundaries (ISO-on-TCP)
- IT communication:
HTTP communication permits access to process data via user''s own Web pages. HTTPS communication is also possible with the CP 443-1 Advanced1).
The e-mail client function allows e-mails to be sent directly from the user program.
FTP communication allows program-controlled FTP client communication.
Access to data blocks via FTP server.
- Open communication (TCP/IP and UDP):
- Communication services via PROFINET interfaces:
- Certified PROFINET IO controller with real-time properties (RT and IRT)
- PROFINET CBA
- IP address assignment via DHCP, simple PC tool or via user program (e.g. for HMI)
- Media redundancy (MRP):
- Within an Ethernet network with a ring topology, the CP supports the MRP media redundancy protocol as an MRP manager and as an MRP client
- Diagnostics and network management:
- Comprehensive diagnostics functions for all modules in the rack (including graphical diagnostics, e.g. topology)
- Integration in network management systems due to support of SNMP V1/V3
- Security mechanisms:
- Access protection by means of configurable IP access list
- Firewall for filtering connections on the basis of their IP/port addresses
- Bandwidth limitation to avoid communication overload
- VPN server and VPN client for tap-proof access to controllers
- Encrypted HTML pages using SSL (HTTPs)
- Secure file transfer (FTPs)
- Tap-proof transfer of network analysis information to the network management system (SNMP)
- Translation of private and public IP addresses (NAT/NAPT)
- Secure transfer of the time of day (NTP V3)
- Secure firmware update
- Plagiarism detection
- Certification as per the Achilles Level II Standard
http://www.wurldtech.com/product_services/certifications/certified_products/
- Configuration of all functions with STEP 7;
The security functions are configured using the Security Configuration Tool (SCT) included in the scope of delivery for STEP 7 V5.5 SP2 HF1. - Configuration with STEP 7 Professional V11;
only possible with a limited range of functions of the predecessor CP 443-1 (6GK7 443-1GX20-0XE0), without security functions and CBA.
Version with security functions for TIA Portal in the planning stages. - When using the blocks AG_SSEND (FC53), AG_SRECV (FC63), TSEND (FB63), TRCV (FB64), TCON (FB65) and TDISCON (FB66), please note the following information: http://support.automation.siemens.com/WW/view/en/60037071
- Module replacement without programming device:
All information is stored on the C-PLUG (as well as file system for IT functions)
Интеграция
Connection to higher-level network
Small independent local networks (e.g. within a machine or cell)
Особенности
- Cost advantage due to connection to two separate Ethernet segments with integrated network separation
- High plant availability through the support of media redundancy (MRP) and use in the SIMATIC S7-400 H system
- Optimum support of maintenance through
- Web-based diagnostics
- Remote programming via WAN or telephone network (ISDN)
- Monitoring with IT network management tools (SNMP)
- Module replacement without programming device using the C-PLUG swap medium
- Securing the system against unauthorized access by means of
- Central access protection for any devices within an automation cell, e.g. by means of authentication of the network stations
- Secure remote access via the Internet by means of data encryption (VPN) and data integrity checking
- Traceability by means of data logging on the basis of standard IT mechanisms (Syslog)
- Later connection of existing SIMATIC S7 systems to Industrial Ethernet using the CP 443-1 Advanced ensures investment protection
Технические данные
Order number | 6GK7443-1GX30-0XE0 | |
|---|---|---|
Product type designation | CP 443-1 Advanced | |
Transmission rate |
| |
Transfer rate |
| |
| 10 ... 1 000 Mbit/s | |
| 10 ... 100 Mbit/s | |
Interfaces |
| |
Number of interfaces acc. to Industrial Ethernet | 5 | |
Number of electrical connections |
| |
| 1 | |
| 4 | |
Type of electrical connection |
| |
| RJ45 port | |
| RJ45 port | |
design of the removable storage C-PLUG | Yes | |
Supply voltage, current consumption, power loss |
| |
Type of voltage of the supply voltage | DC | |
Supply voltage 1 from backplane bus | 5 V | |
Relative symmetrical tolerance for DC |
| |
| 5 % | |
Consumed current |
| |
| 1.8 A | |
Active power loss | 9 W | |
Permitted ambient conditions |
| |
Ambient temperature |
| |
| 0 ... 60 °C | |
| -40 ... +70 °C | |
| -40 ... +70 °C | |
Relative humidity at 25 °C without condensation during operation maximum | 95 % | |
Protection class IP | IP20 | |
Design, dimensions and weight |
| |
Module format | Compact module S7-400 single width | |
Width | 25 mm | |
Height | 290 mm | |
Depth | 210 mm | |
Net weight | 0.7 kg | |
Product properties, functions, components general |
| |
Number of units |
| |
| 14 | |
| max. 4 as PN IO ctrl. | |
Performance data open communication |
| |
Number of possible connections for open communication by means of SEND/RECEIVE blocks |
| |
| 64 | |
Amount of data |
| |
| 8 Kibyte | |
| 8 Kibyte | |
| 8 Kibyte | |
| 2 Kibyte | |
Number of possible connections for open communication |
| |
| 64 | |
Amount of data |
| |
| 1 452 byte | |
Performance data S7 communication |
| |
Number of possible connections for S7 communication |
| |
| 128 | |
| 2 | |
| when using several CPUs | |
Performance data multi-protocol mode |
| |
Number of active connections with multi-protocol mode | 128 | |
Performance data IT functions |
| |
Number of possible connections |
| |
| 20 | |
| 10 | |
| 4 | |
| 1 | |
Amount of data as user data for email maximum | 8 Kibyte | |
Storage capacity of the user memory |
| |
| 30 Mibyte | |
| 16 Mibyte | |
| 512 Kibyte | |
Number of possible write cycles of the flash memory cells | 100 000 | |
Performance data PROFINET communication as PN IO-Controller |
| |
Product function PROFINET IO controller | Yes | |
Number of PN IO devices on PROFINET IO controller usable total | 128 | |
Number of PN IO IRT devices on PROFINET IO controller usable | 64 | |
Number of external PN IO lines with PROFINET per rack | 4 | |
Amount of data |
| |
| 8 Kibyte | |
| 8 Kibyte | |
| 1 433 byte | |
| 1 433 byte | |
| 240 byte | |
| 240 byte | |
Performance data PROFINET CBA |
| |
Number of remote connection partners with PROFINET CBA | 64 | |
Number of connections with PROFINET CBA total | 600 | |
Amount of data |
| |
| 8 Kibyte | |
| 8 Kibyte | |
| 8 Kibyte | |
| 250 byte | |
| 2 400 byte | |
Performance data PROFINET CBA remote connection with acyclic transmission |
| |
Refresh time of the remote interconnections in the case of acyclic transmission with PROFINET CBA | 100 ms | |
Number of remote connections to input variables in the case of acyclic transmission with PROFINET CBA maximum | 150 | |
Number of remote connections to output variables in the case of acyclic transmission with PROFINET CBA maximum | 150 | |
Amount of data |
| |
| 8 Kibyte | |
| 8 Kibyte | |
Performance data PROFINET CBA remote connection with cyclic transmission |
| |
Refresh time of the remote interconnections with PROFINET CBA with cyclical transfer | 10 ms | |
Number of remote connections to input variables with PROFINET CBA with cyclical transfer maximum | 250 | |
Number of remote connections to output variables with PROFINET CBA with cyclical transfer maximum | 250 | |
Amount of data |
| |
| 2 000 byte | |
| 2 000 byte | |
Performance data PROFINET CBA HMI variables via PROFINET acyclic |
| |
Number of connectable HMI stations for HMI variables in the case of acyclic transmission with PROFINET CBA | 3 | |
Refresh time of the HMI variables in the case of acyclic transmission with PROFINET CBA | 500 ms | |
Number of HMI variables in the case of acyclic transmission with PROFINET CBA maximum | 200 | |
Amount of data as user data for HMI variables in the case of acyclic transmission with PROFINET CBA maximum | 8 Kibyte | |
Performance data PROFINET CBA device-internal connections |
| |
Number of internal connections with PROFINET CBA maximum | 300 | |
Amount of data of the internal connections with PROFINET CBA maximum | 2 400 byte | |
Performance data PROFINET CBA connections to constants |
| |
Number of connections with constants with PROFINET CBA maximum | 500 | |
Amount of data as user data for interconnections with constants with PROFINET CBA maximum | 4 000 byte | |
Performance data PROFINET CBA PROFIBUS proxy functionality |
| |
Product function with PROFINET CBA PROFIBUS proxy functionality | No | |
Performance data telecontrol |
| |
Protocol is supported |
| |
| Yes | |
Product functions management, configuration |
| |
Product function MIB support | Yes | |
Protocol is supported |
| |
| Yes | |
| Yes | |
| Yes | |
| Yes | |
Configuration software |
| |
| STEP 7 V5.5 SP3 or higher / STEP 7 Professional V12 (TIA Portal) or higher | |
| SIMATIC iMap V3.0 SP1 and higher | |
Product functions Diagnosis |
| |
Product function Web-based diagnostics | Yes | |
Product functions switch |
| |
Product feature Switch | Yes | |
Product function |
| |
| No | |
| Yes | |
| Yes | |
Product functions Redundancy |
| |
Product function |
| |
| Yes | |
| Yes | |
Protocol is supported Media Redundancy Protocol (MRP) | Yes | |
Product functions Security |
| |
Firewall version | stateful inspection | |
Product function with VPN connection | IPSec | |
Type of encryption algorithms with VPN connection | AES-256, AES-192, AES-128, 3DES-168, DES-56 | |
Type of authentication procedure with VPN connection | Preshared key (PSK), X.509v3 certificates | |
Type of hashing algorithms with VPN connection | MD5, SHA-1 | |
Number of possible connections with VPN connection | 32 | |
Product function |
| |
| Yes | |
| Yes | |
| Yes | |
| Yes | |
| Yes | |
| No | |
Product functions Time |
| |
Product function SICLOCK support | Yes | |
Product function pass on time synchronization | Yes | |
Protocol is supported NTP | Yes | |
Дальнейшая информация
You will find more information on the topic of Industrial Security on the Internet at:
http://www.siemens.com/industrialsecurity
Ответ от производителя может занять до 5 дней и более.
