MicroLogix1400 Series B Launch Overview

MicroLogix 1400 Series B
Overview
(Confidential For Internal Use Only)
Copyright 2010 Rockwell Automation, Inc. All rights reserved.

1
Overview
MicroLogix 1400 continues to build on the initial success with the release
of Series B.
Series B enhances the communication capabilities of MicroLogix 1400 by
providing embedded support for DNP3 over IP, Modbus TCP/IP and other
Ethernet-related enhancements.
In addition to supporting these network protocols, improvements to the
programming and configuration options were also made.
(Confidential For Internal Use Only) Copyright 2010 Rockwell Automation, Inc. All rights reserved.
Overview (Cont)
Both Series A and Series B will continue to ship until Series A is depleted
(estimated to be in Nov 2010) after which only Series B will be available.
Customers who wants Series B prior to Series A being depleted would
need to specify this when entering their orders.
MicroLogix 1400 Series A will NOT be able to upgrade to Series B since
there is a chance of bricking the controller and some minor hardware
changes.
Firmware 6 had been posted online for all MicroLogix 1400 Series A
customers.
MicroLogix 1400 Series B will be shipping with FRN 10.
RSLogix 500/Micro version 8.3 will be required for programming with
Series B to use new features/functions
MicroLogix 1400 Series B Functionality

Modbus TCP (Client/Server)
DNP3 over IP (Refer online for device profile)
Level 2 Compliance
DNP3 Secure Authentication V.2.0
Data Set
File Transfer
Other Ethernet Enhancements

Disable EtherNet/IP Incoming Connections
Disable Duplicate IP Address Detection
Unconnected EtherNet/IP Messaging
MicroLogix 1400 Series B Functionality

Other Series B Enhancements
String (ST) file support in the CPW command.
Indexed addressing support for ASCII (A) file elements.
Ladder logic access to the first word in Control (R) file
elements.
Ladder logic access to SMTP configuration parameters,
including destination email addresses.
Optional Recipe (RCP) file protection from downloads and
memory module transfers.
What is DNP3.0?
DNP3 represents Distributed Network Protocol 3.0
It was developed by Westronics (now part of GE Harris), an electric utility
RTU manufacturer, in the early 1990s.
Originally developed for use in the electrical utility industries, it is now
gaining popularity in other SCADA application like Water/Waste Water.
The standard is now maintained by DNP Users Group (www.dnp.org),
which Rockwell Automation is a member.
Features & Benefits of DNP3.0
Features
Benefits
Unsolicited Response
Reduce bandwidth of the network
Time stamped event
Allow user to monitor critical events
File transfer
Programs can be transferred via DNP3.0 network
Event buffer
Critical events are stored in controller in event of communication failures
Secure Authentication
Secure communication with Master in open network
Event-based reporting Optimize bandwidth of the network depending on the type of events
required at each poll
DNP3.0 Resources
MicroLogix 1400 Device Profile
DNP3.0 User Group
Quick start with Kepware OPC Server (To Be Released)
SCADA Applications
Power Generator
Water Treatment
SCADA SYSTEM
Electric Distribution
Oil & Gas

Pipelines
SCADA Configurations Data Concentrator

Master Station
When using ControlLogix

as a data concentrator a
possible configuration is to
use a ProSoft module.
Data
Concentrator
Modbus TCP/IP Communications

Interface Module
MVI56-MNET
The ProSoft module

manages the polling
requests to the RTUs
Remote Stations Remote Stations Remote Stations

10
Monitor and Control City Water Supply
Booster
Station
Collector Wells
Reservoir
Monitoring
Water Plant
Collector Wells
11
Is MicroLogix 1400 an RTU?

With the Modbus TCP/IP and DNP3.0 support, does this mean MicroLogix 1400 is an
RTU?
While these protocols are commonly used in SCADA application, it is not recommend to
promote MicroLogix 1400 as an RTU. It is recommended to promote MicroLogix 1400 as
a PLC with some RTU capability. This allows us to set the expectation with the customer
and use the relatively low pricing of MicroLogix 1400 as a benefit to us. See below for
some common features of RTU and how to sell against it.
RTU Feature
How to selling against it
Low Power Consumption/Sleep

Mode
Most application will have power supply so there is no need for

low power consumption since power is readily available.
Memory for logging
MicroLogix 1400 offers 128K data logging capability with 6016

event logs if using DNP3.0.
Extended Temperature operation
MicroLogix 1400 operates from -20oC60oC which will cover

most of the operating range.
12
Modbus TCP Channel Configuration

Check Modbus TCP Enable in Channel 1 Configuration (notice
new tab for further configuration and DNP3 over IP grayed out):
13
Modbus TCP Connections and Performance

How many Modbus TCP connections are available?
16 incoming and 16 outgoing, in addition to the existing 16
incoming and 16 outgoing connections for EtherNet/IP!
What if I need to message to more than 16 Modbus TCP devices
at a time?
The Modbus TCP MSG instruction supports the Break
Connection (BK) bit, like other Ethernet MSGs.
What kind of performance can be expected?
Up to 220 messages or responses per second (this is
significantly better than EtherNet/IP, which tops out at only 25
messages or responses per second).
14
Modbus TCP Messaging

Can I trigger Modbus TCP and EtherNet/IP messages at the same
time?
Yes - the Channel 1 message buffer and queuing scheme works
exactly the same as it currently does. Since there are four
transmit buffers available, any mix of four Modbus TCP and/or
EtherNet/IP messages can be executing at the same time (as
long as theyre each targeting different IP addresses). Any
additional MSG instructions that have been triggered wait in the
queue until a transmit buffer is freed up.
What is the maximum number of 16-bit Modbus registers that I
can read or write with a single Modbus TCP MSG instruction?
120, same as with serial Modbus RTU MSG instructions.
15
DNP3 over IP Channel Configuration

Check DNP3 over IP Enable in Channel 1 Configuration (notice
new tab for further configuration and Modbus TCP grayed out):
16
DNP3 Slave Enhancements

Analog Input
Deadbands/Counter
Thresholds
Data Sets
DNP3 Analog Input Deadbands/

Counter Thresholds
For Counters and Analog Inputs, the
Threshold/Deadband config file is where
you configure the Threshold for each
counter and the Deadband for each
analog input that has been assigned a
Class number (1-3).
The DNP3 driver saves the value of each
counter/AI when it last triggered an event
and compares those with the current values
at the end of every program scan. If the
value varies by more than the T/D config file
value, then an event is generated and the
current value is stored for comparing.
DNP3 Secure Authentication

This specification shall address only the following
security threats, as defined in IEC 62351 Part 2:
Spoofing
Modification
Replay
Eavesdropping on exchanges of cryptographic
keys only, not on other data
Non-repudiation to the extent of identifying
individual users of the system
This specification addresses authentication only, not
encryption or other security measures.

Disable EtherNet/IP Incoming Connections (outgoing
EtherNet/IP messages still allowed when checked):
20

Disable Duplicate IP Address Detection (eliminates broadcast
packet sent every 2 minutes to detect duplicate IP addresses):
21

EtherNet/IP UnConnected (UC) bit sends Unconnected CIP
messages (still makes a TCP connection):
22

String (ST) file support in the CPW command:
ML1100, ML1200, ML1400/A and ML1500 controllers require
41 MOV instructions to copy an 82 character string into 41
integer elements (and vice versa).
ML1400/B can do this with a single CPW command:
(SLC has always been able to do this with a single COP

command)
23

Indexed addressing support for ASCII (A) file elements:
can use ASCII files in CPW commands
can mix ASCII files with Integer and Binary files in COP
commands
24

Ladder logic access to the first word in Control (R) file elements:
Allows the ladder logic to evaluate error codes for
instructions that use Control (R) files. The error code is
stored in the lower byte of the first word (Rx:y.0):
25

Ladder logic access to SMTP (Email) configuration parameters:
Extends existing capability to change IP Address, Subnet
Mask, Gateway Address, Default Domain Name, Primary
Name Server and Secondary Name Server in ladder logic.
Allows customer to program Email Server IP Address, From
Address, User Name, Password and the ten To Addresses in
ladder logic and, if desired, from a connected HMI.
Configure a 485CIF write MSG instruction to IP address
127.0.0.1 (reserved my own IP address address).
Data Table Offset address determines which parameter to
write the string value to.
26

Data Table Offset Addressing to change Channel Configuration parameters
27

28

Optional Recipe (RCP) file protection from downloads and
memory module transfers
Works identical to Memory Module/Download file protection for

data table files.
Single checkbox applies to all Recipe files.
29
Detail Configuration
Screenshots
(Confidential For Internal Use Only)
Copyright 2010 Rockwell Automation, Inc. All rights reserved.

30

Channel 1 Modbus tab is primarily for configuring the Modbus
TCP Server (Slave) functionality
Modbus Data Table File Numbers provides mapping of Modbus
registers to the data table, same as serial Modbus RTU slave:
31

Enable Access Control for IP Addresses allows the Modbus TCP
Server to reject communications with any Modbus TCP Clients
whose IP address is not listed in Client IP0-4:
32
Modbus TCP Channel

Configuration/Diagnostics
Local Port Number TCP
is the TCP socket# that
the Modbus TCP Server
is listening to - 502 is
the standard Modbus
TCP socket#.
Diagnostic File allows
you to enter an integer
data table file number to
store 80 Modbus
Client/Server diagnostic
counter values in for
troubleshooting.
33

New dropdown selection
for MSG Channel:
34

Note similarity between Ethernet and serial Modbus messages:
35
New fields for Modbus TCP MSGs:

Message Timeout same as other Ethernet messages. Calculated by
firmware (Connection Timeout + Reply Timeout + 15 seconds)
Unit Identifier analogous to Modbus Slave address. Used when
message is routed through a Modbus TCP to Modbus RTU Slave
bridge. Otherwise, leave at 255 (default).
Routing Information File (RI) data table file element to store the target
IP address in (may be reused for multiple MSGs to the same target)
Ethernet (IP) Address IP address of target Modbus TCP Server or
bridge device
Port target TCP port# that the Modbus TCP message uses (default is
502)
36

Control bits are the same as other Ethernet messages, including
the Break Connection (BK) bit
37

The Chan. 1 DNP3
configuration screen is
used to set up the
Ethernet specific
parameters for DNP3.
Notice that certain
fields are grayed out
based on the current
check box and radio
button selections.
Slave Node Address MicroLogix DNP3 slave address (0-65,519)

Enable Self-Address (0xFFFC) If checked, the MicroLogix will respond
to a master message sent to this destination address, however, it will
replace its own configured address in place of address 65,532 in the
response. This provides a mechanism for a master to discover the
configured address of the MicroLogix when connected point-to-point. In
a networked environment, this should always be left unchecked.
Enter an unused file number into Diagnostic File Number to create an
80 word integer file for storing DNP3 diagnostic counts and errors.
DNP3 over IP Channel Status
End Point Type:

Listening supports a single Transmission Control Protocol (TCP)
connection as a Server. Unsolicited responses can only be
transmitted via this connection, which is established by the DNP3
master. User Datagram Protocol (UDP) broadcasts are accepted.
Dual supports single TCP connections as a Server and as a
Client. If TCP Server connection is not present, unsolicited
responses are sent to the DNP3 master via the TCP Client
connection. UDP broadcasts are accepted.
Datagram Only No TCP connections used. All DNP3 over
Ethernet communications is via UDP.

Listening End Point related parameters:
Keep Alive Interval (x1s) If no communications has
been received from the DNP3 master on an open
TCP connection within this timeout period, the
MicroLogix transmits a DNP3 Data Link Layer status
request. If a response is not received within the
Confirmation Timeout period (default is 10 seconds)
the MicroLogix will close this TCP connection.
Local Port Number(TCP) This is the TCP port
number on the MicroLogix that the DNP3 master
makes a connection to.
Local Port Number(UDP) This is the UDP port
number on the MicroLogix that the DNP3 master
uses for UDP broadcasts.

Dual End Point related parameters:
Master TCP Port Number (Unsol) - This is the TCP
port number on the DNP3 master that the MicroLogix
makes a connection to for Unsolicited Responses (if
the DNP3 master doesnt already have a TCP
connection open with the MicroLogix).
Keep Alive Interval (x1s) (same as Listening)
Local Port Number(TCP) (same as Listening)
Local Port Number(UDP) (same as Listening)
Master IP0 IP address of the DNP3 master that
unsolicited responses are sent to.

Datagram Only End Point related parameters:
Master UDP Port Number (Init Unsol) This is the
UDP port number on the DNP3 master that the
MicroLogix uses to send its Unsolicited Null
Response with Restart IIN bit set after power up (if
Send Initial Unsolicited On Start Up is checked on
the DNP3 Slave screen).
Master UDP Port Number (Unsol) This is the UDP
port number on the DNP3 master that the MicroLogix
uses to send Unsolicited Responses to.
Local Port Number(UDP) (same as Listening)
Master IP0 (same as Dual)
Whether Enable Master Address Validation is checked or not,

Master Node0 is used for the destination DNP3 master node
address in Unsolicited Responses initiated by the MicroLogix.
When Enable Master Address Validation is not checked, DNP3
master requests are accepted from any node address.
When Enable Master Address Validation is checked, requests
are only accepted from the up to five DNP3 masters whose
addresses are configured in Master Node0 through Node4.

Whether Enable Access Control for Master IP
addresses is checked or not, Master IP0 is used
for the destination DNP3 master IP address in
Unsolicited Responses initiated by the MicroLogix.
When Enable Access Control for Master IP
addresses is not checked, DNP3 master requests
are accepted from any IP address.
When Enable Access Control for Master IP
addresses is checked, requests are only accepted
from the up to five DNP3 masters whose IP
addresses are configured in Master IP0-IP4.
(Only one DNP3 master can connect at a time.)
DNP3 Secure Authentication

The authentication mechanism is based on two
concepts:
A challenge and response protocol
The concept of a Keyed-Hash Message
Authentication Code (HMAC) that both the
outstations and masters calculate based on each
Application Service Data Unit (ASDU, or protocol
message) that is to be authenticated.
An HMAC algorithm is a mathematical calculation that
takes a protocol message as input and produces a
smaller piece of data as output
This challenge-response mechanism using an HMAC is
a unilateral, two-pass authentication mechanism as
described in ISO/IEC 9798-4.
DNP3 Data Sets

DNP3 provides the ability to transfer a time-stamped collection
of non-homogeneous data types in user defined data
structures between the master and slave stations called Data
Sets.
Example from the DNP3 spec:
DNP3 Data Sets

Data Set A configurable structure of DNP3
data objects.
Data Set Descriptors Provide information
regarding the structure, ordering and type of
data values within a data set. Enter a starting
Object File Number and Number of Files.
Data Set Prototypes Groups of descriptor
elements that can be referenced in Descriptors.
Enter a starting Object File Number and
Number of Files.
Every Data Set must have a corresponding
Descriptor. Prototypes are optional.
DNP3 Data Sets

MicroLogix1400 Series B Launch Overview

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

MicroLogix1400 Series B Launch Overview

Uploaded by

Copyright:

Available Formats

MicroLogix 1400 Series B

(Confidential For Internal Use Only)

Copyright 2010 Rockwell Automation, Inc. All rights reserved.

MicroLogix 1400 Series B Functionality

Other Ethernet Enhancements

MicroLogix 1400 Series B Functionality

Features & Benefits of DNP3.0

Reduce bandwidth of the network

Time stamped event

Allow user to monitor critical events

Programs can be transferred via DNP3.0 network

Critical events are stored in controller in event of communication failures

Secure communication with Master in open network

Oil & Gas

SCADA Configurations Data Concentrator

When using ControlLogix

Modbus TCP/IP Communications

The ProSoft module

Remote Stations Remote Stations Remote Stations

Monitor and Control City Water Supply

Is MicroLogix 1400 an RTU?

How to selling against it

Low Power Consumption/Sleep

Most application will have power supply so there is no need for

Memory for logging

MicroLogix 1400 offers 128K data logging capability with 6016

Extended Temperature operation

MicroLogix 1400 operates from -20oC60oC which will cover

Modbus TCP Channel Configuration

Modbus TCP Connections and Performance

Modbus TCP Messaging

DNP3 over IP Channel Configuration

DNP3 Slave Enhancements

DNP3 Analog Input Deadbands/

DNP3 Secure Authentication

Other Ethernet Enhancements

Other Ethernet Enhancements

Other Ethernet Enhancements

Other Series B Enhancements

(SLC has always been able to do this with a single COP

Other Series B Enhancements

Other Series B Enhancements

Other Series B Enhancements

Other Series B Enhancements

Other Series B Enhancements

Other Series B Enhancements

Works identical to Memory Module/Download file protection for

(Confidential For Internal Use Only)

Copyright 2010 Rockwell Automation, Inc. All rights reserved.

Modbus TCP Channel Configuration

Modbus TCP Channel Configuration

Modbus TCP Channel

Modbus TCP Messaging

Modbus TCP Messaging

Modbus TCP Messaging

New fields for Modbus TCP MSGs:

Modbus TCP Messaging

DNP3 over IP Channel Configuration

DNP3 over IP Channel Configuration

Slave Node Address MicroLogix DNP3 slave address (0-65,519)

DNP3 over IP Channel Status

DNP3 over IP Channel Configuration

End Point Type:

DNP3 over IP Channel Configuration