This is a newbie question .. Is there a way to sniff out sensor packet data from the SCADA environment? Any suggestions to proceed?
In general the answer is "yes, there is a way of getting data out of your PLC." The mechanics of the way will depend on your environment. The SCADA server may have an OPC interface for querying things. The PLC will likely have some protocol interface where you can query things, for example using Modbus.
How to proceed: Read the documentation for your PLC and your SCADA environment and see what interfaces you have available.
Related
I'm wondering if for simply communicating with a PLC, like reading and writing tags, do I need all of the other heavy lifting that comes with an OPC-UA server?
I've tried writing a simple server in Python that talks to the PLC, but I get denied when requesting information from the PLC.
The Controllogix PLC I'm attempting to communicate with uses Ethernet/IP to communicate, so why doesn't a simple server/client script work? What is required exactly to communicate with an Allen Bradley PLC or PLC's in general?
There is quite a bit required to communicate with a PLC.
Each vendor has a driver, there are firmware compatibility considerations. Different protocols to think about.
OPC-UA makes it a bit more generic, but OPC-UA still has a set of things to work around when setting up communications.
Most of the OPC products I've worked with, needs to have their security adjusted to allow anonymous communication. It's generally bad practice to do this. (A network intrusion would be able to read/write to your automation layer) There is certificate signing and some encryption business that needs to be turned off if you're looking for simple communication. (Again, not a good practice but ok for learning)
After all that you have to have a notion of how your PLC is set up on your OPC server, there are channels, devices, namespaces etc. You'll point the OPC client to some opc.tcp://:
If you got this far you're almost done, I'm assuming your OPC server is running and has tags configured at this point. You can use your OPC-UA API to do a read. It can return just the value, or you can get an object back with tag health, timestamp, and a bunch of other data. Depends on the implementation. After that you can do subscriptions, writes...whatever else you need.
TLDR: OPC server not required, but may be the easiest method. Turn off security. (But turn it back on before exposing your control layer to the net)
I am also a little late to this conversation. If you are interested in coding your own solutions and don't want to use any of the commercially available standards, AdvancedHMI is a "mostly" open source solution written in VB.NET which is 100% free and provides communications to many different PLCs including the ControlLogix platform. Since I see you are programming in Python you may also be interested to know that the project does work under Mono on the Linux OS. I have used it to write gateways between EthernetIP and ModbusTCP and to pull data serially from OEM devices and push this data to a CLX PLC.
The forum is full of many helpful hints and is very active and supported.
Just trying to give you another option. DDE, NetDDE, FastDDE, OPC, DCOM, Suitelink.... These are all good, but mostly a pay to play adventure. As a programmer, it seems ridiculous to have to pay such an excessive amount of money just to talk to my hardware, IMHO. Sorry for the rant. Have Fun!
Update - Just wanted to also suggest the following open source project written in python:
https://github.com/dmroeder/pylogix
I have used this to write small programs for communicating with CompactLogix and ControlLogix. (Even to/from a RaspberryPi!)
Depends on several factors, if you want something simple to program you can opt for Modbus/TCP I think some AB PLC supports it without extra hardware.
However if you want something with more security for example for industrial use then OPC UA would be better choice but the programming has a complexity far higher than Modbus, even using the libraries of OPC Foundation or others. There is the option of using a commercial or free (if any) OPC UA server to save work, then you will need to program the client side only.
With Ethernet/IP it should also be possible, but the problem is that there is no clear specification and even different AB models talk different Ethernet/IP dialect ! , it is also far more complex to program than Modbus.
I am a little late to this discussion, but there are a couple commercial tools that make this a bit easier. The one that comes to mind for me when you say you are using python is Cogent's data hub. It is certainly not the cheapest tool out there, but they have already done all of the heavy lifting for PLC/PC communications & security.
If trying to read CLX data using Python, there are several open source implementations that will save you a lot of work. Such as this:
https://github.com/dmroeder/pylogix
If you use .NET and Visual Studio, you can use AdvancedHMI
to be able to read and write OPC Tags to ControlLogix platform is done via its communication Driver RSLinx. RSLinx acts as an OPC Server, it will need to be configured to communicate with the PLC and run on a networked PC on the same LAN. Several flavours of RSLinx are available (for WAN/VLAN also) but essentially this is the communications driver you need to talk to AB PLC's
I have an application whereby I need to read data from a PLC into a database and whereby I need to develop my own application to do this. I just need to read 5 values from the PLC and log it to a DB. I have a demo OPC server running and can access it via UA or DA.
After looking at many different approaches I settled on using an OPC server to connect to the PLC and then to write an OPC client to interface to the OPC server and then write the data to the DB from my app. My language of choice is C# with .Net and the only licence fee I am able to pay for is for the OPC server from my PLC vendor.
What I am however finding extremely frustrating is getting the right info on OPC to get started. I dont want to buy any stacks but would prefer an open source stack. The information seems very fragmented and all over the place. Most of the info about OPC seems to be hype about how easy it is to use etc.
The best post on Stackoverflow that I could find is: Noob guide to OPC: how to write a C# Hello World client? and some of the links are not active any more.
My question is therefore are there any good tutorials showing how to build and OPC client from scratch in .net and what is the best open source SDK to use without having to buy a vendor's stack?
Is DA also worth learning or should one stick with UA?
The big question is why is OPC so frustrating when its marketed as being so easy?
It would also be nice to have a nice high level guide on the theory that one needs to know to build a client. I do realize that with time its possible to eventually figure this from the resources available but with limited time to make sense of all the scattered resources a quicker guide would be helpful.
Stick with OPC UA.
Luckily for you, the OPC Foundation's C# reference implementation has the capabilities of both stack and SDK, whereas other language reference implementations are typically just stack functionality.
The code is available on GitHub: http://opcfoundation.github.io/UA-.NET/
If you're not a member of the foundation the code is available under GPL2.
As for your concerns about the ease of use and marketing... I assume it's because OPC UA is marketed towards end users, who will just be hooking up various OPC UA compliant applications, which is easy. As a developer I think its fair to say there's a little more assumed about your ability to figure things out... from code examples, the specifications, books that are available, etc...
Basically, I would like to creat my own piece of software something a la communication protocl between PC and PLC.
I would like to read real time values from PLC and display them in a table for example Data Base, OPC table, Excel and write to PLC from PC in real time mode as well.
The whole point is I would like to access this data via ethernet port. How I can do it ? I do not want to use 3rd party software. I want to create something my own.
Choose any programming languages like C#,VB.NET and use opcdaauto.dll ,it is free dll for OPC Foundation members
You can easily get the live data from the OPC
or use dll provided by the OPC Server which you are using
As already mentioned, OPC-UA is probably more preferable, otherwise, there are commercial libraries such as InGear and open projects on GitHub.
If you actually want to implement your own low level drivers, they will depend on the PLC manufacturer. For example:
If you are working with Allen-Bradley, you will have to implement Common Industrial Protocol (CIP).
If you are working with Siemens, you will have to implement S7 Communication (S7comm or S7 for short).
If you search GitHub for various search terms related to Allen Bradley CIP and Siemens S7, you will find many starting points for communicating directly with these controllers.
First I have to say that I am not very experienced with neither Linux nor CAN/CANopen, so if something here is unclear or missing anything critical, please tell me.
I have a project where I require to connect a PC to a PLC via CAN/CANopen. I have a CAN-USB converter (canusb.com) and a PLC by Festo.
I have compiled the CANopen stack (CanFestival), but where do I go from here? It looks extremely complicated, and I really don’t understand it at all.
(My first goal would be to establish contact with the PLC through the CAN adapter and verify in some way that they are able to talk. The main goal is to be able to turn some valves on and off on the PLC by setting some registers.)
I'm familiar with CANopen, having written a stack and designed devices for it. In my opinion, this is going to be a major learning curve for you and will most likely take weeks of work. Most PLCs support most, if not all, fieldbus protocols. Does yours support Modbus? If it does, then you'll be up and running in a day or two: Modbus is simple to program.
I was in the same situation as you last year, and keeping in mind my deep understanding of CANopen, that's how I handled it. That said, I don't work by the hour, and it was a fixed price job, so I was after the overall cheapest solution, and this required buying a PLC module that supported Modbus.
A friend has asked if I could implement a data historian. I am busy doing research, googling around, reading UPC Unified Architecture - but it's a lot to get through, so I will ask if anyone here has ever gone down that road (while still continuing my research).
Approx how many man months for a 20+ year developer (or two) to get at least a demonstrable working prototype - and how long to completion?
Which programming language? Is C++ good, or what?
What resources are available to me? (I thought I saw an Open OPC framework, but can't find it again). Any FOSS, libraries or free code which I can base upon? Maybe a sourceForge project?
How best to test?
Any other hints?
In my company we use mostly to brand of Historian, PI developped by OSISoft and GE Profecy Historian. Ge Profecy now offers a 25 tag version of their latest Historian 4.5. The way it works is you got an historian server that collects from data collector pc's. Depending what piece of equipment you are communicating with you'll need different OPC driver.
Matrikon and Kepware are the 2 references in that field. At Matrikon you'll find almost anything related to OPC. We mostly use Kepware, cause we felt their solutions are more stable on the long run.
Depending of your knowledge of the PLC's you have in place and the number of point you want to acquire. It might take a day to a week implementing an historian. I'll be more than happy to help you if you provide us with more details.
It would be interesting if you can do a write up of your project when you complete it.
For OPC libraries your pretty limited, but OPC Connect has a good list of UA development kits otherwise you'll need to be a corporate member with the OPC Foundation.
This is an old topic, but I'm interested in the subject.
There is a Python library for OPC: openopc at SourceForge.net (I use a proprietary OPC client because it is provided by my automation supplier, Yokogawa.)
For short-term data grabs you can use a delimited text file, but for a historian you ought to use a database. I use SQLite for speed, size, and portability. Other DB solutions have advantages. Of course if you collect 400 points every second then over time your DB grows quite quickly, so efficient data storage is important.
Language used is influenced by your choice of OPC package. OpenOPC for Python is, well yes, for Python. I've used Graybox's free OPC client with .Net. The OCX I use at work is easiest to use with VB6. Not sure about others.
The time required to build a historian depends entirely on how complete the application needs to be. You can probably put together a data grabber in a few hours. A long-term historian with interfaces to view data, to add and delete points, to maintain data integrity, to handle bad data and interrupted communications gracefully -- all that will take days, not hours.