840Dsl 828D OPCUA Config Man 0819 en-US

Preface
Introduction 1
Safety notes 2
SINUMERIK
Setting up of OPC UA server 3
SINUMERIK 840Dsl/828D
SINUMERIK Access MyMachine / Customer Specific Object
4
Model (CSOM)
OPC UA
User administration 5
Configuration Manual
Functionality 6
Diagnostics 7
Update of OPC UA server 8
Technical data 9
Exceptions: 828D / V4.5 10
Trouble shooting 11
Valid for:
OPC UA server Version 3.0 SP1
08/2019
6FC5397-1DP41-0BA3
Legal information
Warning notice system
This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent
damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert
symbol, notices referring only to property damage have no safety alert symbol. These notices shown below are
graded according to the degree of danger.
DANGER
indicates that death or severe personal injury will result if proper precautions are not taken.
WARNING
indicates that death or severe personal injury may result if proper precautions are not taken.
CAUTION
indicates that minor personal injury can result if proper precautions are not taken.
NOTICE
indicates that property damage can result if proper precautions are not taken.
If more than one degree of danger is present, the warning notice representing the highest degree of danger will be
used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to property
damage.
Qualified Personnel
The product/system described in this documentation may be operated only by personnel qualified for the specific
task in accordance with the relevant documentation, in particular its warning notices and safety instructions. Qualified
personnel are those who, based on their training and experience, are capable of identifying risks and avoiding
potential hazards when working with these products/systems.
Proper use of Siemens products
Note the following:
WARNING
Siemens products may only be used for the applications described in the catalog and in the relevant technical
documentation. If products and components from other manufacturers are used, these must be recommended or
approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and
maintenance are required to ensure that the products operate safely and without any problems. The permissible
ambient conditions must be complied with. The information in the relevant documentation must be observed.
Trademarks
All names identified by ® are registered trademarks of Siemens AG. The remaining trademarks in this publication
may be trademarks whose use by third parties for their own purposes could violate the rights of the owner.
Disclaimer of Liability
We have reviewed the contents of this publication to ensure consistency with the hardware and software described.
Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the information in this
publication is reviewed regularly and any necessary corrections are included in subsequent editions.
Siemens AG Document order number: 6FC5397-1DP41-0BA3 Copyright © Siemens AG 2017 - 2019.

Division Digital Factory Ⓟ 08/2019 Subject to change All rights reserved
Postfach 48 48
90026 NÜRNBERG
GERMANY
Preface
SINUMERIK documentation
The SINUMERIK documentation is organized into the following categories:
● General documentation/catalogs
● User documentation
● Manufacturer/service documentation
Additional information
You can find information on the following topics at the following address (https://
support.industry.siemens.com/cs/document/108464614/):
● Ordering documentation/overview of documentation
● Additional links to download documents
● Using documentation online (find and search in manuals/information)
If you have any questions regarding the technical documentation (e.g. suggestions,
corrections), please send an e-mail to the following address
(mailto:docu.motioncontrol@siemens.com).
mySupport/Documentation
At the following address (https://support.industry.siemens.com/My/ww/en/documentation),
you can find information on how to create your own individual documentation based on
Siemens' content, and adapt it for your own machine documentation.
Training
At the following address (http://www.siemens.com/sitrain), you can find information about
SITRAIN (Siemens training on products, systems and solutions for automation and drives).
FAQs
You can find Frequently Asked Questions in the Service&Support pages under Product
Support (https://support.industry.siemens.com/cs/de/en/ps/faq).
SINUMERIK
You can find information about SINUMERIK at the following address (http://www.siemens.com/
sinumerik).
SINUMERIK Access MyMachine / OPC UA

Configuration Manual, 08/2019, 6FC5397-1DP41-0BA3 3
Preface
Target group
This document addresses commissioning engineers, machine tool manufacturers, planners
and plant operating companies. The document provides detailed information that
commissioning engineers require to setup the SINUMERIK Access MyMachine / OPC UA
software.
Benefits
The Configuration Manual instructs the target group on how to use/configure the software
correctly.
Standard scope
This documentation describes the functionality of the standard scope. Additions or revisions
made by the machine manufacturer are documented by the machine manufacturer.
Other functions not described in this documentation might be executable in the control system.
This does not, however, represent an obligation to supply such functions with a new control
system or when servicing.
For the sake of simplicity, this documentation does not contain all detailed information about all
types of the product and cannot cover every conceivable case of installation, operation, or
maintenance.
Note regarding the General Data Protection Regulation

Siemens observes standard data protection principles, in particular the principle of privacy by
design. That means that this product does not process / store any personal data, only technical
functional data (e.g. time stamps). If a user links this data with other data (e.g. a shift schedule)
or stores personal data on the same storage medium (e.g. hard drive) and thus establishes a
link to a person or persons, then the user is responsible for ensuring compliance with the
relevant data protection regulations.
Technical Support
Country-specific telephone numbers for technical support are provided in the Internet at the
following address (https://support.industry.siemens.com/cs/sc/2090/) in the "Contact" area.

4 Configuration Manual, 08/2019, 6FC5397-1DP41-0BA3
Table of contents
Preface .........................................................................................................................................................3
1 Introduction...................................................................................................................................................9
1.1 General description ..................................................................................................................9
1.1.1 SINUMERIK OPC UA server ...................................................................................................9
1.2 Features .................................................................................................................................10
1.3 System setup .........................................................................................................................11
1.4 Compatibility of OPC UA server version and CNC software versions ...................................12
1.5 Reference to OPC UA specification .......................................................................................13
2 Safety notes................................................................................................................................................15
2.1 Fundamental safety instructions ............................................................................................15
2.1.1 General safety instructions.....................................................................................................15
2.1.2 Warranty and liability for application examples ......................................................................15
2.1.3 Industrial security ...................................................................................................................16
2.2 OPC UA security notes ..........................................................................................................18
3 Setting up of OPC UA server......................................................................................................................19
3.1 Prerequisites ..........................................................................................................................19
3.2 Option OPC UA......................................................................................................................20
3.3 Commissioning.......................................................................................................................21
3.4 Certificate handling ................................................................................................................26
3.4.1 Overview ................................................................................................................................26
3.4.2 Server certificates ..................................................................................................................28
3.4.3 Client certificates....................................................................................................................31
3.4.3.1 Trusted certificates.................................................................................................................31
3.4.3.2 Rejected certificates...............................................................................................................33
3.5 Testing the connection ...........................................................................................................35
4 Customer Specific Object Model (CSOM) ..................................................................................................41
4.1 Overview ................................................................................................................................41
4.2 Functionalities ........................................................................................................................42
4.3 Workflow for using CSOM in the SINUMERIK OPC UA server .............................................43
4.3.1 Overview ................................................................................................................................43
4.3.2 Exporting SINUMERIK model from OPC UA server as OPC UA XML ..................................43
4.3.3 Creating a CSOM with SiOME ...............................................................................................45
4.3.3.1 Overview ................................................................................................................................45
4.3.3.2 Importing SINUMERIK model (XML)......................................................................................45
4.3.3.3 Modeling own object model....................................................................................................48
4.3.3.4 Exporting CSOM (XML) .........................................................................................................54
4.3.3.5 Mapping data types................................................................................................................55

Table of contents
4.3.3.6 Modeling rules........................................................................................................................55

4.3.3.7 Access control with CSOM.....................................................................................................56
4.3.4 Converting the CSOM from XML to binary.............................................................................57
4.3.5 Importing the CSOM into the SINUMERIK OPC UA server...................................................58
4.4 CSOM dialog in SINUMERIK Operate ...................................................................................60
4.4.1 Overview ................................................................................................................................60
4.4.2 OPC UA model dialog ............................................................................................................61
4.4.3 Adding model .........................................................................................................................62
4.4.4 Deleting OPC UA model ........................................................................................................64
4.4.5 Activating / Deactivating OPC UA model and SINUMERIK namespace................................66
5 User administration.....................................................................................................................................69
5.1 Overview ................................................................................................................................69
5.2 User management..................................................................................................................70
5.3 Access rights management....................................................................................................71
5.4 List of access rights................................................................................................................72
6 Functionality ...............................................................................................................................................75
6.1 Overview ................................................................................................................................75
6.2 Address space model ............................................................................................................76
6.3 Variable access......................................................................................................................78
6.3.1 Variable paths for NC access operations...............................................................................78
6.3.2 Variable paths for GUD access operations ............................................................................79
6.3.3 Variable paths for PLC access operations .............................................................................80
6.3.4 Variable paths for machine and setting data..........................................................................82
6.3.5 Variable paths for 1:N configuration (only target system PCU)..............................................82
6.3.6 Finding of OPC UA variables ................................................................................................84
6.3.7 Monitored items......................................................................................................................87
6.4 Alarms ....................................................................................................................................88
6.4.1 Overview ................................................................................................................................88
6.4.2 Subscribe / unsubscribe to alarms ........................................................................................89
6.4.3 Sequence description of alarms.............................................................................................90
6.4.4 SINUMERIK Alarm object ......................................................................................................90
6.4.4.1 Description .............................................................................................................................90
6.4.4.2 OPC UA event messages and alarms ...................................................................................91
6.4.5 Language of alarms ...............................................................................................................96
6.4.5.1 OPC UA language specification.............................................................................................96
6.4.5.2 SINUMERIK language specification.......................................................................................97
6.4.5.3 Mapping of SINUMERIK LanguageID with OPC UA LocaleID ..............................................97
6.4.6 OPC UA alarms and conditions constraints ...........................................................................98
6.4.7 OPC UA alarms and conditions client ....................................................................................99
6.4.8 OPC UA multi-language alarms and conditions client .........................................................100
6.5 File system ...........................................................................................................................102
6.5.1 Overview ..............................................................................................................................102
6.5.2 Prerequisites ........................................................................................................................103
6.5.3 Standard file system support................................................................................................105
6.5.3.1 File transfer with standard methods .....................................................................................105
6.5.3.2 File transfer exceeding 16 MB between client and server ...................................................107

Table of contents
6.5.3.3 Comfort methods for file transfer < 16 MB ...........................................................................108

6.6 Select ...................................................................................................................................111
6.6.1 Overview ..............................................................................................................................111
6.6.2 Description ...........................................................................................................................112
6.6.3 Input and output arguments .................................................................................................112
6.6.4 Example call.........................................................................................................................114
6.7 Tool management ................................................................................................................115
6.7.1 Description ...........................................................................................................................115
6.7.2 CreateTool ...........................................................................................................................116
6.7.3 DeleteTool............................................................................................................................117
6.7.4 CreateCuttingEdge ..............................................................................................................119
6.7.5 DeleteCuttingEdge ...............................................................................................................120
7 Diagnostics ...............................................................................................................................................123
7.1 Overview .............................................................................................................................123
7.2 Diagnostics screen...............................................................................................................124
7.3 OPC UA server version........................................................................................................126
8 Update of OPC UA server ........................................................................................................................129
8.1 Overview ..............................................................................................................................129
8.2 Compatibility ........................................................................................................................130
8.3 Installation of OPC UA server ..............................................................................................131
8.3.1 Installation/Upgrade on a PCU/IPC......................................................................................131
8.3.2 Installation/Upgrade a PPU/NCU .........................................................................................131
9 Technical data .........................................................................................................................................133
10 Exceptions: 828D / V4.5 ...........................................................................................................................135
10.1 Starting of configuration dialog.............................................................................................136
10.2 Update of OPC UA server....................................................................................................137
11 Trouble shooting.......................................................................................................................................139
11.1 Frequently asked questions (FAQs).....................................................................................139
11.2 Reference to OPC UA error code ........................................................................................142
Index.........................................................................................................................................................143

Table of contents

Introduction 1
1.1 General description
Uniform standard for data exchange

"Industrie 4.0" stands for the intensive utilization, evaluation and analysis of data from the
production in IT systems of the enterprise level. PLC programs today already record a wide
range of data at the production and process level (pressure values, temperatures and counter
readings) and make them available to systems at the enterprise level, for example, to increase
the product quality. With Industry 4.0, the data exchange between the production and
enterprise levels will increase much faster in the future. However, prerequisite for the success
of "Industrie 4.0" is a uniform standard for data exchange.
The OPC UA (Unified Architecture) standard is particularly suitable for data exchange across
different levels as it is independent from specific operating systems, has secure transfer
procedures and better semantic description of the data. OPC UA not only makes data available,
but also provides information about the data (e.g. data types). This enables machine-
interpretable access to the data.
1.1.1 SINUMERIK OPC UA server

The SINUMERIK OPC UA server offers a communication interface with manufacturer
independent standard. The information on SINUMERIK controls can be exchanged with an
OPC UA client using this communication interface.
The client is not part of SINUMERIK and is either part of standard software or can be developed
as part of individual software. For this purpose a stack for downloading is provided by the OPC
foundation.
Some manufacturers provide a software development kit, which can be used to develop an
OPC UA client.

Introduction
1.2 Features
1.2 Features
The SINUMERIK OPC UA server provides the possibility to communicate with SINUMERIK via
OPC UA. The following functionalities of the OPC UA specification are supported by the server:
● Read, write and subscribe to SINUMERIK variables (NC, PLC) (see chapter Variable
access (Page 78))
● Transfer of part programs (see chapter File system (Page 102))
● Support for File and Folder Objects
● Event based provision of SINUMERIK alarms and messages from HMI, NC and PLC (see
chapter Alarms (Page 88))
● Methods for selection of part programs from the NC file system and external memory (see
chapter Select (Page 111)) and methods for tool management (see chapter Tool
management (Page 115))
● Multi language support for the alarm and warning messages.
● The OPC UA server supports customer specific object models (see chapter Customer
Specific Object Model (CSOM) (Page 41))
Security settings
The server provides the possibility to communicate in an unencrypted or encrypted way. The
following options are possible:
● None
● 128 Bit - Sign (Basic128Rsa15)
● 128 Bit - Sign & Encrypt (Basic128Rsa15)
● 256 Bit – Sign (Basic256Sha256)
● 256 Bit - Sign (Basic256)
● 256 Bit – Sign & Encrypt (Basic256Sha256)
● 256 Bit - Sign & Encrypt (Basic256)
NOTICE
Security risk of no or low encryption
During operational process, an encrypted communication must always be used for security
reasons.
Furthermore, the SINUMERIK OPC UA server provides the possibility of user administration,
which allows to assign access rights for each user individually (see chapter User administration
(Page 69)).
See also
Certificate handling (Page 26)

Introduction
1.3 System setup
1.3 System setup
Accessibility of the server

The accessibility of the server varies in the particular SINUMERIK systems. The following table
shows the dependencies of the SINUMERIK systems:
SINUMERIK Accessibility
systems
SINUMERIK After successful licensing and activation the OPC UA server is accessible via the X130 interface.
828D
SINUMERIK The OPC UA server needs SINUMERIK Operate and runs on the same place as SINUMERIK Operate. For
840D sl this reason, system setup depends on whether a Thin Client is used (SINUMERIK Operate runs on NCU) or
a PCU / IPC with Windows operating system.
Thin Client If a Thin Client is used, the OPC UA server is accessible after successful licensing and
activation via X120 and X130 interface of the NCU.
PCU / IPC If a PCU / IPC is used, the OPC UA server is accessible after successful licensing and
activation via "eth1" and "eth2" interface of the PCU / IPC. In this case the OPC UA
server is neither accessible via "eth3" interface of the PCU/IPC nor the X120 or X130
interface of the NCU.
Application scenario
/RFDO 1HWZRUN
&XVWRPHU
DSSOLFDWLRQ23&
8$FOLHQW
3&8,3&
&XVWRPHU
23&8$
DSSOLFDWLRQ23&
VHUYHU
8$FOLHQW
23&8$ 23&8$
23&8$VHUYHU VHUYHU VHUYHU
6,180(5,.'VO 6,180(5,.'VO 6,180(5,.'VO 6,180(5,.'
Figure 1-1 Application scenario

Introduction
1.4 Compatibility of OPC UA server version and CNC software versions
1.4 Compatibility of OPC UA server version and CNC software versions

The latest OPC UA server version is compatible to several CNC software versions. Below you
will find the CNC software versions have been tested successfully with the OPC UA server
versions:
CNC software version OPC UA version

4.5 V2.2 and V3.0 SP1
4.07 - SP2...SP5 V2.2 and V3.0 SP1
4.08 - SP2...SP3 V2.2 and V3.0 SP1
4.92 and 4.92 - HF2 V3.0 SP1

Introduction
1.5 Reference to OPC UA specification

The SINUMERIK OPC UA server matches the specification of the OPC foundation (https://
opcfoundation.org/) V1.0.3.

Introduction

Safety notes 2
2.1 Fundamental safety instructions
2.1.1 General safety instructions
WARNING
Danger to life if the safety instructions and residual risks are not observed
If the safety instructions and residual risks in the associated hardware documentation are not
observed, accidents involving severe injuries or death can occur.
● Observe the safety instructions given in the hardware documentation.
● Consider the residual risks for the risk evaluation.
WARNING
Malfunctions of the machine as a result of incorrect or changed parameter settings
As a result of incorrect or changed parameterization, machines can malfunction, which in turn
can lead to injuries or death.
● Protect the parameterization against unauthorized access.
● Handle possible malfunctions by taking suitable measures, e.g. emergency stop or
emergency off.
2.1.2 Warranty and liability for application examples

Application examples are not binding and do not claim to be complete regarding configuration,
equipment or any eventuality which may arise. Application examples do not represent specific
customer solutions, but are only intended to provide support for typical tasks.
As the user you yourself are responsible for ensuring that the products described are operated
correctly. Application examples do not relieve you of your responsibility for safe handling when
using, installing, operating and maintaining the equipment.

Safety notes
2.1.3 Industrial security
Note
Industrial security
Siemens provides products and solutions with industrial security functions that support the
secure operation of plants, systems, machines and networks.
In order to protect plants, systems, machines and networks against cyber threats, it is
necessary to implement – and continuously maintain – a holistic, state-of-the-art industrial
security concept. Products and solutions from Siemens constitute one element of such a
concept.
Customers are responsible for preventing unauthorized access to their plants, systems,
machines and networks. Such systems, machines and components should only be connected
to an enterprise network or the Internet if and to the extent such a connection is necessary and
only when appropriate security measures (e.g. using firewalls and/or network segmentation)
are in place.
For additional information on industrial security measures that can be implemented, please
visit:
Industrial security (https://www.siemens.com/industrialsecurity)
Siemens’ products and solutions undergo continuous development to make them more secure.
Siemens strongly recommends that product updates are applied as soon as they become
available, and that only the latest product versions are used. Use of product versions that are
no longer supported, and failure to apply the latest updates may increase customer’s exposure
to cyber threats.
To stay informed about product updates, subscribe to the Siemens Industrial Security RSS
Feed at:
Industrial security (https://www.siemens.com/industrialsecurity)
Further information is provided on the Internet:

Industrial Security Configuration Manual (https://support.industry.siemens.com/cs/ww/en/
view/108862708)

Safety notes
WARNING
Unsafe operating states resulting from software manipulation
Software manipulations, e.g. viruses, Trojans, or worms, can cause unsafe operating states
in your system that may lead to death, serious injury, and property damage.
● Keep the software up to date.
● Incorporate the automation and drive components into a holistic, state-of-the-art industrial
security concept for the installation or machine.
● Make sure that you include all installed products into the holistic industrial security concept.
● Protect files stored on exchangeable storage media from malicious software by with
suitable protection measures, e.g. virus scanners.
● On completion of commissioning, check all security-related settings.
● Protect the drive against unauthorized changes by activating the "Know-how protection"
converter function.

Safety notes
2.2 OPC UA security notes
2.2 OPC UA security notes
NOTICE
OPC UA provides read/write access on data in SINUMERIK. This access might also affect
security relevant data.
● You can limit this access on SINUMERIK data by individual read and write permission.
Please refer to chapter User administration (Page 69), especially chapter List of access
rights (Page 72).

Setting up of OPC UA server 3
3.1 Prerequisites
NOTICE
Protection against security risks
To protect industrial plants and systems comprehensively against cyber attacks, measures
must be applied simultaneously at all levels (from the operational level up to the field level,
from access control to copy protection). Therefore, before setting up of the OPC UA server,
apply the "Defense in Depth" protection concept in order to avoid security risks in your
environment.
Ensure that you do not connect the company network to the internet without suitable protective
measures.
You will find further information on the Defense-in-Depth concept, suitable protective
measures and Industrial Security in general in the Configuration Manual Industrial Security
(https://support.industry.siemens.com/cs/de/en/view/108862708).
Prerequisites
● OPC UA server requires SINUMERIK Operate.
● OPC UA server requires an OPC UA license (6FC5800-0AP67-0YBO).
● Make sure that the HMI time is set correctly, since this is a prerequisite for encrypted
communication.

Setting up of OPC UA server
3.2 Option OPC UA
3.2 Option OPC UA
Setting the option

1. Set the "Access MyMachine / OPC UA" option via the "Startup > Licenses" operating area.
Figure 3-1 Setting the option

3.3 Commissioning
3.3 Commissioning
Checking the HMI time

Make sure that the HMI time is set correctly, since this is a prerequisite for encrypted
communication.
Note
The certificate needed for secure OPC UA communication is automatically created during the
first run-up. The start date of the validity period of the certificate is set to the current date. The
validity period is 20 years.
If the SINUMERIK system time is subsequently changed, so that it lies outside the validity
period, the secure OPC UA communication does not function (BadCertificateTimeInvalid).
The certfiicate can also be changed manually, as decribed in chapter Certificate handling
(Page 26).
Executing the OPC UA configuration dialog

1. Start the OPC UA configuration dialog via the operating area "Startup > Network".
Note
Different startup behaviour with 828D / V4.5
The control 828D with CNC software version V4.5 has a different startup behaviour of the
configuration dialog (see chapter Starting of configuration dialog (Page 136)).
2. Press the "OPC UA" softkey.

3.3 Commissioning
3. Press the "Setting" softkey. The Settings dialog will appear. Then press the "Change"
softkey. Make the necessary settings for connection, authentication and activation.
Figure 3-2 Settings of OPC UA server (with changes)
Group Setting Description

Connection set‐ ● Company network The available network connections (IP address) on a
tings specific target system (828D, 840D sl, PCU, IPC) are
● Systems network
shown. The available networks options vary depending
(machine network)
on your target system.
● Service network
● Company network
● Systems network (machine network)
● Service network.
For example, since IPC is considered as PCU there will
be only two networks (company and systems (machine)
network) displayed.
It is possible to activate or deactivate an interface from
OPC UA server point of view.
TCP Port TCP port at which the OPC UA server should be availa‐
ble.
Standard configuration: 4840
Note!
The port must also be open in the firewall. For PPU/NCU
this happens automatically. With PCU/IPC the port must
be opened manually in the firewall.
Message encryption It can be chosen which security endpoints should be of‐
fered from the server
Setting Standard configuration
None Deactivated
128 bit Activated
256 bit Activated

3.3 Commissioning
Group Setting Description

Authentication Admin User User name of the administrator. The administrator can
add or delete users and assign or delete user authoriza‐
tions.
Password Password of the administrator.
Confirm Password Enter the password again for confirmation.
Allow anonymous ac‐ Standard configuration: Deactivated
cess Anonymous access is only recommended for commis‐
sioning.
Accept certificates au‐ Standard configuration: Activated
tomatically If this option is set, all client certificates are automatically
accepted. For manual acceptance, please refer to chap‐
ter Certificate handling.
Activation Activate OPC UA Place the checkmark to activate OPC UA and remove the
checkmark to deactivate it.
NOTICE
Security risk due to data manipulation and data sniffing
Anonymous access can be a security risk. Anonymous access should therefore be strictly
limited to commissioning.
● For normal operation authentication via username and password or based on
certificates should be used (see chapter Certificate handling).
NOTICE
Security risk due to data manipulation and data sniffing
If no message encryption to the client is established, there will be a security risk of data
manipulation and data sniffing. It is therefore highly recommended to establish a message
encryption to the client.
● Use the highest possible encryption standard (256 bit) to ensure a secure message
transfer.

3.3 Commissioning
Note
Assigning secure passwords
Observe the following rules when creating new passwords:
● When assigning new passwords, ensure that you do not assign passwords that can be
guessed, e.g. simple words, key combinations that can be easily guessed, etc.
● Passwords must always contain a combination of upper-case and lower-case letters as
well as numbers and special characters. Passwords must comprise at least eight
characters. The server does not support passwords comprising less than eight
characters. PINS must comprise an arbitrary sequence of digits.
● Wherever possible and where it is supported by the IT systems, a password must always
have a character sequence as complex as possible.
The German Federal Office for IT Security (BSI) (https://www.bsi.bund.de/SharedDocs/
Downloads/DE/BSI/Grundschutz/International/GSK_15_EL_EN_Draft.pdf?
__blob=publicationFile&v=2) provides additional rules for creating secure passwords.
Programs are available that can help you to manage your passwords. Using these
programs, you can encrypt, save and manage your passwords and secret numbers – and
also create secure passwords.
Note
If you want to change the password later, you can do this via the OPC UA method
"ChangeMyPassword" or in the SINUMERIK Operate screen.

3.3 Commissioning
4. Then choose "OK". If you enter a port for the first time, you will receive a safety note.
Figure 3-3 Security message for opening the TCP port
Note
Port opening on IPC
On first startup of OPC UA server a windows message will appear, asking the user to
confirm the opening of the port.
5. If settings are all done, restart is necessary to activate the new settings. Perform a hardware
restart on the target systems NCU and PPU. A restart of the SINUMERIK Operate is
necessary on the PCU 50/IPC.

3.4 Certificate handling
3.4.1 Overview
To establish a secure connection between an OPC UA server and a client it is necessary to
exchange and trust the certificate of the other communication partner. The exchange is
normally done automatically at the first connection attempt between client and server.
Nevertheless, there is also the possibility to exchange the certificates manually before the other
communication partner is available, e. g for preparing an easy commissioning.
For trusting the certificates there are two possibilities within the server:
● Automatic trusting of new certificates
If "Accept certificates automatically" is activated in the commissioning dialog, new client
certificates are trusted automatically and there is no manual interaction necessary to
establish a secure connection.
This is the most comfortable option, but less secure than the manual trusting, since all
certificates will be trusted.
● Manual trusting of certificates (recommended)
If "Accept certificates automatically" is deactivated in the commissioning dialog the
certificates must be trusted manually to establish a secure connection.
This allows the administrator of the OPC UA server to manually decide, which client can
establish a secure connection to the OPC UA server
To have a comfortable way to handle certificates, the OPC UA dialog offers a certificate section,
which can be found under the softkey "Certificates".
Figure 3-4 Softkey Certificates

Operations
The Certificate dialog allows the following operations:
● Server certificate
– Renewal of the server certificate
– Export of the current server certificate
● Client certificates
– List of the current trusted certificates
– List of the rejected client certificates
– Manual import of a client certificate
– Deletion of a client certificate
– Trust a rejected client certificate

3.4.2 Server certificates
Overview
① The name of the OPC UA server certificate is shown in the upper part of the screen.
② You can renew the server certificates.
③ You can export the server certificate to a configured device.
④ You can leave the OPC UA dialogs.
⑤ The details of the server certificate are shown in the lower part of the screen. You can scroll down
to see further certificate attributes.
Figure 3-5 Server Certificate

Renewing server certificates

The server certification can be renewed at any timy. With the renewal the following things can
be specified by the administrator:
● Expiration date of the certificate / validity in years
Note
Before using this dialog make sure that the date and the time of SINUMERIK Operate is set
correctly, as the certificate will be valid from the current date in SINUMERIK Operate at the
time of renewal.
● Decision if IP address and/or host name should be mentioned in the server certificate
Note
Many clients will need the IP address in the certificate for validation. If the server will be
addressed by hostname (e. g. because the IP address of the OPC UA server changes
frequently due to a dynamic assignment by a DHCP server), it is recommended only to
include the host name in the certificate. Because otherwise the certificate must be renewed
and exchanged with every change of the IP address.
To renew a server certificate, proceed as follows:

1. Press the softkey "Renew".
A pop-up screen will appear that offers two ways of selecting a time period:
– Select the number of years, the server certificate will be valid
– Specify a precise date, the server certificate will expire
Specify also whether the IP address and/or the host name should be written in the server
certificate.
Figure 3-6 Renew server certificate
Pressing the softkey "Cancel" will ignore all input and return to the "Server" dialog.
Pressing the softkey "Ok" will save the input to the system, the currently valid certificate will
be deleted and with the next start of SINUMERIK Operate the new certificate gets created.

Exporting server certificates

For an offline preparation of the connection to the server, you can export the server certificate.
After that the certificate can be imported and trusted on the client side.
1. Press the softkey "Export".
A pop-up screen will appear showing the USB device to export to. You can navigate to a
location on the USB device to export the OPC UA server certificate.
Pressing the softkey "Cancel" will ignore all input and return to the "Server" dialog.
Pressing the softkey "Ok" will export the certificate.

3.4.3 Client certificates
3.4.3.1 Trusted certificates
Overview
① The trusted certificates are listed in the upper part of the screen. You can select a certificate using
the arrow keys (cursor up/ cursor down).
② You can delete the trusted certificates.
③ You can import a certificate from an USB device.
⑤ The certificate details are shown in the lower part of the screen. To set the focus on the lower part
of the screen the softkey "next window" on the keyboard is used.
Figure 3-7 Trusted Certificate

Deleting trusted certificates

1. To manually delete a client certificate select a certificate in the trusted list and press the
softkey "Delete".
A pop-up screen will appear asking you for confirmation of deletion:
Figure 3-8 Delete certificate
Pressing the softkey "Cancel" will do no action and return to "Trusted" dialog.
Pressing the softkey "Ok" will delete the selected certificate.
Note
After the deletion of the client certificate a connection with OPC UA server can no longer be
established by the client of the corresponding certificate.
Importing certificates
To prepare a connection a client certificate can be imported before actually establishing a
connection. With the import the certificate is automatically trusted.
1. Press the softkey "Import".
A pop-up screen will appear showing the USB device to import from. You can navigate to a
location on the USB device to import a certificate to a trusted folder.
Pressing the softkey "Cancel" will ignore all input and return to the "Trusted" dialog.
Pressing the softkey "Ok" will import the certificate.
Note
Keep in mind, that only certificates with the file extension "*.der" are accepted.
Note
To use a certificate for authentication it is necessary to create a user with the method
"AddCertificateUser" first.

3.4.3.2 Rejected certificates
Overview
① The rejected certificates are listed in the upper part of the screen. You can select a certificate
using the arrow keys (cursor up/ cursor down).
② You can delete the selected certificate.
③ You can trust the selected certificate.
⑤ The certificate details are shown in the lower part of the screen. To set the focus on the lower part
of the screen the softkey "next window" on the keyboard is used.
Figure 3-9 Rejected Certificate

Deleting rejected certificates

1. To manually delete a client certificate, select the certificate in the rejected list and press the
softkey "Delete".
Figure 3-10 Delete certificate
Pressing the softkey "Cancel" will do no action and return to the previous dialog.
Pressing the softkey "Ok" will delete the selected certificate.
Trusting rejected certificates

If the setting "Accept certificates automatically" is deactivated, certificates automatically
transferred by a client with the first connection attempt will be treated as untrusted and need to
be trusted manually before the connection can be established. In this case, the server will report
an error (BadSecurityChecksFailed) on initial connection attempt.
1. To manually trust a client certificate, select the certificate in the rejected list and press the
softkey "Trust".
A pop-up screen will appear asking for confirmation of trusting the certificate.
Figure 3-11 Trust certificate
Pressing the softkey "Cancel" will return to the "Rejected" dialog.

Pressing the softkey "Ok" will trust the certificate and move it to the trusted folder.

3.5 Testing the connection
Requirement
To test the connection, you can use the "Sample Applications" of the OPC Foundation (https://
opcfoundation.org/developer-tools/specifications-unified-architecture/opc-unified-
architecture-for-cnc-systems/) under "Developer Tools/Developer Kits/Unified Architecture". It
is necessary to register with the OPC Foundation for this.
Note
There are two ways to establish the connection:
● Connection without security
● Connection with the security policy "Basic128Rsa15" respectively "Basic256" and the
security mode "SignAndEncrypt"
SIEMENS always recommends setting up a connection with security, as only in this way the
confidentiality of the data transmitted can be ensured.
Installation
The "Sample Applications" additionally install a service with the name "OPC UA Local
Discovery Server". If you want to locally test the OPC UA connection, i.e. an installation directly
on the PCU 50/IPC, you must deactivate this service.
Note
If the service "OPC UA Local Discovery Server" is active, the OPC UA server cannot be started
correctly, because it blocks the needed TCP port 4840.
This service has no influence if the "Sample Applications" are installed on a PC in the network.
Deactivation is then not necessary.

Figure 3-12 Deactivating the "OPC UA Local Discovery Server" service on PCU 50/IPC

Procedure
1. Start the OPC UA "Sample client".
Figure 3-13 Sample Client main window
2. Select the "New" entry from the drop-down list.

The "Discover Servers" window opens.
3. Now enter the IPv4 address of the target system and click the "Discover" button.
Figure 3-14 Discover servers
4. The SINUMERIK OPC UA server appears in the list. Select the server and confirm with "OK".
5. Return to the main window and click the "Connect" button.

6. To establish a simple connection without security, configure the following settings. After
clicking "OK", enter the administrator user assigned when OPC UA was set up and the
administrator password. Confirm your settings by clicking "OK".
Figure 3-15 Server configuration
Figure 3-16 User Identity

7. Confirm the prompt asking if you want to trust the transferred certificate with "Yes".
Figure 3-17 Certificate
The connection to the SINUMERIK OPC UA server is now established and the available
address space is displayed.
Figure 3-18 Address space of the SINUMERIK OPC UA server
8. Now navigate to a nodeID (e.g. R-parameter at Sinumerik > Channel > Parameter > R) and
right click the corresponding entry. You can now test various functions:

– E.g. read, write, setup monitoring
Figure 3-19 NodeID "Sinumerik > Channel > Parameter > R"
– The attributes of a NodeID can be queried via the entry "View Attributes". One of these
attributes is the "Value", which provides the corresponding value of R1.
Figure 3-20 Viewing node attributes

Customer Specific Object Model (CSOM) 4
4.1 Overview
What is a Customer Specific Object Model (CSOM)?

The primary objective of the OPC UA address space is to provide a standard way for servers
to represent objects to clients. The OPC UA object model has been designed to meet this
objective. It defines objects in terms of variables and methods. It also allows relationships to
other objects to be expressed.
A Customer Specific Object Model allows a specific view of the OPC UA server to meet the
requirements in a customer-specific project. For this purpose, you can specify all required OPC
UA nodes in an XML file.
You can use several tools to create your own Object Model. In this manual, all processes and
examples are explained on the base of the tool SiOME (Siemens OPC UA Modeling Editor).
SiOME
With the help of SiOME, a tool for implementing Customer Specific Object Models or OPC UA
companion specifications, you can design information models / address spaces for your OPC
UA server and can create new types and instances of OPC UA nodes.
You can also use SiOME to map OPC UA variables to SINUMERIK variables.
Download link and explanations about SIOME are available here (https://
support.industry.siemens.com/cs/de/en/view/109755133).

Customer Specific Object Model (CSOM)
4.2 Functionalities
4.2 Functionalities
What is possible with a CSOM?

Possible application scenarios for a CSOM could be the following:
● Implementation of an own Information model
● Modifying of an own information model:
– structure
– display name
– browse name
– description
What is not possible?

● Change of data types
● Create a new variable which is not part of the SINUMERIK address space
Quantity structure of CSOM
Feature Value
Maximum number of binary files 1
Maximum number of CSOM namespaces 7
Maximum number of nodes in CSOM 10.000

4.3 Workflow for using CSOM in the SINUMERIK OPC UA server
4.3.1 Overview
In order to use a Customer Specific Object Model (CSOM), it is necessary to follow a certain
workflow procedure.
The following chapter provides an overview about the necessary process steps. Every process
step will also be covered in greater detail.
CSOM process workflow

The CSOM workflow consists of the following steps:
1. Exporting SINUMERIK model from OPC UA server as OPC UA XML (Page 43) with
SINUMERIK Access MyMachine /P2P.
2. Creating a CSOM with SiOME (Page 45).
3. Converting the CSOM from XML to binary (Page 57) with SINUMERIK Access
MyMachine /P2P.
4. Importing the CSOM into the SINUMERIK OPC UA server (Page 58) with SINUMERIK
Operate.
4.3.2 Exporting SINUMERIK model from OPC UA server as OPC UA XML

SiOME offers the possibility to map variables using drag and drop. In order to provide this
usability, SiOME needs to know the SINUMERIK address space of the machine, where the
CSOM should be implemented.
Since the address space depends on machine configuration, this address space has to be
exported after commissioning of the machine using "SINUMERIK Access MyMachine /P2P".
SINUMERIK Access MyMachine /P2P is reading SINUMERIK address space via OPC UA
browse functionality and providing an XML file to be imported into SiOME.
Prerequisites
For exporting SINUMERIK OPC UA model, it is necessary to have SinuReadAll access right.
SINUMERIK Access MyMachine /P2P

SINUMERIK Integrate Access MyMachine /P2P (MLFB 6FC5860-7YC00-0YA0) supports the
commissioning of machines with SINUMERIK Operate (software version 2.6 and higher) using
a standard Windows PC. Its scope of functions includes the exchange of files between the
service PC and the control as well as operation of the HMI user interface. EasyScreen texts,
alarm texts, tool management texts and other texts can be edited easily.

Exporting SINUMERIK OPC UA model as OPC UA XML

The following graphic shows the process of exporting the target system address space as
OPC UA XML.
;0/
%URZVH ([SRUW
6,180(5,.
&OLHQW 6,180(5,.
0RGHO
ವ 0RGHO
&UHDWH;0/ HJ86%
Figure 4-1 Exporting SINUMERIK OPC UA model as OPC UA XML
Procedure
1. Open the application "SINUMERIK Access MyMachine /P2P".
2. Click on "Tools > Sinumerik Opcua Server Tools > Opcua Server Model Export". A popup
window appears.
Figure 4-2 Opcua Server Model Export
3. Enter the IP address and the port of the OPC UA server as well as the username and
password to access the server. Then specify where the output file should be saved to.
4. Click "Start" button to generate the xml file. The generated XML file is saved to the specified
location.

The generated XML file can then be imported into SiOME tool.
4.3.3 Creating a CSOM with SiOME
4.3.3.1 Overview
SiOME is a free of charge tool from SIEMENS that allows to easily create an OPC UA object
model and map the object either to SINUMERIK or SIMATIC S7-1500 variables.
The following chapter shows the engineering workflow for a CSOM with SINUMERIK and
SiOME.
This process itself has 3 sub steps:
1. Importing SINUMERIK model (XML) (Page 45)
2. Modeling own object model (Page 48)
3. Exporting CSOM (XML) (Page 54)
;0/

,PSRUW
6,180(5,.
0RGHO

0RGHO
'HVLJQ
9DULDEOH
0DSSLQJ
;0/
([SRUW
&XVWRPHU
0RGHO
Figure 4-3 Creating a CSOM with SiOME
These 3 sub steps are explained further in the below sections with one application example.
4.3.3.2 Importing SINUMERIK model (XML)
Prerequisite
Exported SINUMERIK model (XML) file from SINUMERIK Access MyMachine /P2P.

Procedure
1. Open the SiOME application.
2. Click the icon in "SINUMERIK" tab to import the SINUMERIK model (XML) as shown in
the below image.
Figure 4-4 SiOME dashboard page
3. A "Open" dialog box appears. Select the exported SINUMERIK model (XML) file and then
click "Open".
Result
SINUMERIK tab shows the SINUMERIK browse tree as shown in the below image:

Figure 4-5 SINUMERIK tab with SINUMERIK browse tree

4.3.3.3 Modeling own object model
Creating new namespace

To create a new namespace, follow the below steps:
1. Right-click on "Namespaces" in "Namespaces" tab and then click on "Add Namespace".
Figure 4-6 Namespaces tab
2. The "Add Namespace" popup window appears. Enter a name in the "Namespace URI" field
and then click "Ok".
Figure 4-7 Add Namespace popup window
Result
The new namespace is added.

Figure 4-8 Namespace added
Creating new object

To create a new namespace, follow the below steps:
1. Right-click on "Objects" node in "Information model" tab and then click on "Add Instance".
Figure 4-9 Information model tab
2. The "Add Instance" popup window appears. Enter a name in the "Name" field.
Figure 4-10 Add Instance popup window
3. Verify that newly added namespace is selected in the "Namespace" row and then click "Ok".

Result
The new instance is added under "Objects" node.
Figure 4-11 New instance added
Adding a new instance for a variable

To add a new instance for a variable, follow the below steps:
1. Under "Objects" node, right-click on "MyMachine" node and then click on "Add Instance".
Figure 4-12 Adding a new instance for a variable
2. The "Add Instance" popup window appears. Enter a name in the "Name" field.

3. Select "Variable" from the "NodeClass" drop-down list.

4. Select "Double" from the "DataType" drop-down list and then click "Ok".
Figure 4-13 Add Instance popup for a variable
Result
The new instance is added for a variable under "MyMachine" node.
Figure 4-14 New Instance added under a variable

Mapping to SINUMERIK data

To map to SINUMERIK data, follow the below steps:
1. Move the slider to right, to activate the mapping table as shown in the below image.
Figure 4-15 Mapping table slider
2. The slider turns green in color and the mapping table is visible.
Drag and drop the variable from the "SINUMERIK" tab to the variable "PositionX" in the
"Information model" tab as shown in the below image.
Figure 4-16 Mapping SINUMERIK variable
The variable is added in the mapping table in the "Information model" tab.
Figure 4-17 SINUMERIK variable added in mapping table
3. Add the correct axis index

Figure 4-18 Adding axis index

4.3.3.4 Exporting CSOM (XML)

To export the CSOM (XML) to your local machine, follow the below steps:
1. Click the icon in the "SINUMERIK" tab as shown in the below image.
Figure 4-19 Exporting the CSOM
2. The "Export XML" popup appears.

Select the "MyNamespace" check-box and then click "Ok".
Figure 4-20 Export XML popup
3. A "Save as" dialog box appears.

Select the location to save the exported CSOM (XML) file and then click "Save".
For further steps, continue with the chapter Converting the CSOM from XML to binary
(Page 57).
For a more detailed description of SiOME, refer to Industry Online Support (https://
support.industry.siemens.com/cs/de/en/view/109755133). You can find a function manual,
download link, further explanations and applications examples on modeling and mapping.

Additional information on data types, modeling rules and necessary user access rights for the
modeling process are explained in the following chapters:
● Mapping data types (Page 55)
● Modeling rules (Page 55)
● Access control with CSOM (Page 56)
4.3.3.5 Mapping data types
Mapping data types

The table below shows the compatible SINUMERIK data type for each OPC UA data type.
Assign the data types as shown below (SINUMERIK data type – OPC UA data type). Other
assignments are not permitted. You are responsible for the rule-compliant selection and
assignment of the data types.
You may find further information on mapping of OPC UA data types in the document "OPC UA
Information Model for IEC 61131-3".
Table 4-1 Mapping of data types
SINUMERIK data type OPC UA data type

Bool Boolean
Character Byte
Byte Byte
Word UInt16
Short Integer SByte
Doubleword UInt32
Long Integer Int64
Float Float
Real Float
Double Double
String String
4.3.3.6 Modeling rules

Following are the rules while modeling the exported SINUMERIK model (XML) with SiOME:
● The exported SINUMERIK Model (XML) should not be used in the "Information Model"
window as a base for model creation.
● No new nodes should be added under the below namespaces:
– 0: http://opcfoundation.org/UA/
– 1: urn:ncu1.local:SiemensAG:SinumerikServer
– 2: SinumerikVarProvider

● Up to 10.000 nodes (over all CSOM namespaces) can be modeled within the OPC UA
server.
● Total namespaces should not be more than 10 (Including the above namespaces).
● First three namespaces 0, 1 and 2 should not be edited, deleted or change in order.
● Additional namespaces should have an index of 3 or higher.
● In SiOME, when a new node is created with a "ValueRank" set to "Dimension" then the value
attribute of the node should be initialized by clicking on the "Value" in the "Attribute" window.
Note
If customer model is not shown in the browse tree, then refer to the error logs under the folder
(..\user\sinumerik\hmi\log\opcua).
4.3.3.7 Access control with CSOM

For the CSOM, the customer has the follwoing possibilities to provide access rights for
variables:
1. In SiOME, the CSOM Access level can be defined.
2. In addition, the OPC UA administrator has two new access rights:
– CsomReadx
– CsomWritex
To read a variable within a CSOM namespace the OPC UA administrator has to provide the
user with the access right "CsomReadx" while "x" stands for the namespace index.
For example, to read a variable out of namespace 3, the user only needs to get the access right
"CsomRead3". No other access rights are needed. The same is valid for "CsomWritex".
The following table gives an overview about the interaction between CSOM access level and
access rights of target device. A variable that is read only by access rights of target device can
not be written by OPC UA, even if the OPC UA access write is read/write (3).
Table 4-2 Access table
CSOM CSOM namespace Rights of target device Result

AccessLevel rights
1 = Read No access Read / Write No access

Read Read / Write Read
Write Read / Write No access
Read / Write Read / Write Read

CSOM CSOM namespace Rights of target device Result

AccessLevel rights
2 = Write No access Read / Write No access

Read Read / Write No access
Write Read No access
Write Read / Write Write
Read / Write Read No access
Read / Write Read / Write Write
3 = Read/Write No access Read / Write No access
Read Read / Write Read
Write Read No access
Write Read / Write Write
Read / Write Read Read
Read / Write Read / Write Read / Write
4.3.4 Converting the CSOM from XML to binary

The exported CSOM (XML) from SiOME needs to be converted to a binary format that can be
read by SINUMERIK OPC UA server. The converted binary file has a more compact format and
is therefore controller optimized. For this conversion process SINUMERIK Access MyMachine/
P2P is used.
The following graphic shows the process of converting the CSOM (XML) to binary format.
;0/
5HDG&RQYHUW
&XVWRPHU0RGHO &OLHQW 6DYH%LQDU\
&XVWRPHU0RGHO
ವ&RQYHUW;0/WRELQDU\
86%
Figure 4-21 Converting the CSOM from XML to binary

Procedure
1. Open the application "SINUMERIK Access MyMachine /P2P".
2. Click "Tools > Sinumerik Opcua Server Tools > Model Binary Converter". A popup window
appears.
Figure 4-22 Model Binary Converter
3. Select the location of the XML file under "Input XML File" and specify the location to save the
binary file under "Output BIN File".
4. Click "Start" button to generate the binary file. The generated binary file will be saved to the
specified location.
Result
Imported CSOM XML file is converted to binary format.
4.3.5 Importing the CSOM into the SINUMERIK OPC UA server

After converting the CSOM (XML) to a binary format, it can be imported to the SINUMERIK
OPC UA server.
The following graphic shows the process of importing the CSOM (binary format) to SINUMERIK
OPC UA server.
,PSRUW%LQDU\
&XVWRPHU0RGHO
HJ86%

Figure 4-23 Importing the CSOM into the SINUMERIK OPC UA server
Procedure
1. Copy the binary file either to an USB/Networkshare or - alternatively - transfer the file via
AMM directly to the control (addon\sinumerik\hmi\opcua\models).
Note
If models folder is not present, then create a folder name models.
2. Press the softkey "Add Model" in the OPC UA model dialog and select the saved binary file.
3. Press the softkey "OK".
The model is visible in the OPC UA model dialog.
4. Then press the softkey "Change" and activate the customer specific model.
5. Restart the OPC UA server by restarting SINUMERIK OPC UA server.
Result
The CSOM is now accessible in SINUMERIK Operate.
Note
For accessing data via an OPC UA client, it is necessary to have appropriate access rights (see
chapter List of access rights (Page 72)).

4.4 CSOM dialog in SINUMERIK Operate
4.4.1 Overview
To have a comfortable way to work with a customer specific object model, the OPC UA dialog
offers a special section, which can be found under the softkey "Model".
Figure 4-24 Softkey Model
The SINUMERIK Operate dialog has the following functionality:

● Import of CSOM binary file from USB/Networkshare or via AMM
● Display the filename of the selected binary file
● Deleting the selected binary file
● Activate the selected binary file
● Deactivate the actual binary file
Note
The changes are visible only after restarting the OPC UA server.

4.4.2 OPC UA model dialog
Overview
Press the "Model" softkey to get the below screen.

① The OPC UA model dialog shows the activated CSOM and also displays the following informa‐
tion:
● Filename of the CSOM
● The namespace of the CSOM
● The version of the CSOM
● The date of the import
● Status of activation
② You can add new CSOM
③ You can delete the CSOM
④ You can change the CSOM by selecting from the drop down list and also it can be activated/
deactivated
See also
Adding model (Page 62)
Activating / Deactivating OPC UA model and SINUMERIK namespace (Page 66)
Deleting OPC UA model (Page 64)

4.4.3 Adding model
Note
This option can be seen with user access rights, but you can add models with only
manufacturer's rights.

Procedure
1. To add a customer specific object model press the softkey "Add Model".
Figure 4-25 Softkey Add Model
The "Add Model" popup screen appears.

2. Select the binary file from either USB/Networkshare.
Figure 4-26 OPC UA Models Add
Pressing the softkey "Cancel" will do no action and return to "OPC UA Models" screen.
Pressing the softkey "OK" will add the binary file.

4.4.4 Deleting OPC UA model
Note
This option can be seen with user access rights, but you can delete models with only

Procedure
1. To delete a customer specific object model press the softkey "Delete Model".
Figure 4-27 Softkey Delete Model
2. Select the model you want to delete from the CSOM drop-down list and then click "OK".
Figure 4-28 OPC UA Models Delete

Figure 4-29 Delete Model popup
Pressing the softkey "OK" will delete the customer model.
4.4.5 Activating / Deactivating OPC UA model and SINUMERIK namespace
Note
This option can be seen with user access rights, but you can change models with only

Procedure
1. Press the softkey "Change".
Figure 4-30 Softkey Change
2. The following screen appears where you can perform the following functions:
– Selecting the CSOM file from the drop-down list.
– Activating the CSOM file by selecting the check box.
– Deactivating the CSOM file by clearing the check box.
– Activating the SINUMERIK namespace by selecting the check box.
– Deactivating the SINUMERIK namespace by clearing the check box.
Figure 4-31 OPC UA Models Select

Pressing the softkey "OK" will apply the changes.

User administration 5
5.1 Overview
The admin can add/delete users and access rights via OPC UA methods provided by the
server. Therefore a connection with a generic client must be established, using the admin
credentials.
Users and access rights can then be assigned using the following OPC UA server methods:
● Add users (AddUser, AddCertificateUser)
● Delete users (DeleteUser)
● List users (GetUserList)
● Change password (ChangeMyPassword)
● Give access rights (GiveUserAccess)
● Remove access rights (DeleteUserAccess)
● List access rights (GetMyAccessRights, GetUserAccessRights)
NOTICE
Misuse of access rights
As an administrator, you are fully responsible for the administration of users and their access
rights. Any error in the administration process can lead to the misuse of access rights.
Note
Anonymous connection
You can also establish an anonymous connection during commissioning, if this setting is active,
but the methods will not be available (feedback: "BadRequestNotAllowed").
Note
Anonymous user
Anonymous users don't have any access (Read/Write) rights after installation. As an
administrator, you have to set these access rights explicitly.
Note
Administrator has only read rights
Note that the administrator has only read rights per default. Other rights need to be set explicitly.
Note
You can only add or remove users or access rights if you are connected as administrator. If you
call the methods with a different user, you will receive the message "BadInvalidArgument".

User administration
5.2 User management
5.2 User management

A new user created with the "AddUser" or "AddCertficateUser" function has no access rights at
all. The user administrator has the responsibility for the user management and the associated
access rights. All users must use a secure password.
Table 5-1 Methods for user administration
Method Description
AddUser Creates a new user for accessing OPC UA.
Input arguments:
UserName User Name
Initially, the password of the new user is the user name. It should then be changed using the
method "ChangeMyPassword".
AddCertificateUser Creates a new user for accessing OPC UA via certificate authentication.
Input arguments:
UserName user, certificate is issued to
CertficateData Certificate(.der) as byte string
DeleteUser Deletes a user who was added previously using the method "AddUser" and "AddCertificateUs‐
er".
Input arguments:
UserName User Name
The administrator user, created when OPC UA was set up, cannot be deleted.
GetUserList The administrator can read the list of all users.
Input arguments:
- List of users
ChangeMyPassword Changes the password for the connected user.
Input arguments:
OldPwd Current password
NewPwd1 New password
NewPwd2 New password (security prompt)
Important!
Whereas the methods "AddUser", "DeleteUser", "GiveUserAccess" and "DeleteUserAccess"
can only be called up if the user is connected as the administrator, the user must connect as the
corresponding user in order to change the password.

User administration
5.3 Access rights management
5.3 Access rights management

After setting up the OPC UA components, the administrator user has read access to all data
("SinuReadAll") but no write access. These access rights must be set explicitly.
The administrator can also add the user access rights for individual PLC DBs.
Table 5-2 Methods for user administration
Method Description
GetMyAccessRights The currently connected user can read his access rights.
Input Arguments:
- Rights
GetUserAccessRights The administrator can read the access rights of another user.
Input Arguments:
User name Rights
DeleteUserAccess Deletes the specified access rights for a user.
Input Arguments:
User A user whose access rights are to be
deleted
Realm The access rights to be deleted as a
string.
If a user wants to delete several ac‐
cess rights, they must be separated
by a semicolon.
For all possible realm strings, see chapter List of access rights (Page 72).
Example:
DeleteUserAccess("John","PlcReadDB100")
Admin wants to delete read rights of user "John" for PLC data block DB100.
Major access rights versus minor access rights

A possibilty to reset all user access rights is to use the general OPC UA access rights behaviour
that by deleting a major access right all minor access rights will be deleted too. So if you have
granted several read rights for special users to read certain data blocks beforehand, you can
reset all of these access rights by deleting "SinuReadAll".

User administration
5.4 List of access rights

Below is the list of access rights a user is assigned:

User administration
Table 5-3 List of access rights
Method Description
GiveUserAccess Sets the specified access rights for a user. The access rights below can be combined in any
combination.
Input Arguments:
User User name which is to given the access rights
Realm The access rights to be set as a string.
If a user wants to set several access rights,
they must be separated by a semicolon.
Some possible realm strings are:
"StateRead" Status data - NC, channel, axis, read access
"StateWrite" Status data - NC, channel, axis, write access
"FrameRead" Zero offsets, read access
"FrameWrite" Zero offsets, write access
"SeaRead" Setting data, read access
"SeaWrite" Setting data, write access
"TeaRead" Machine data, read access
"TeaWrite" Machine data, write access
"ToolRead" Tool and magazine data, read access
"ToolWrite" Tool and magazine data, write access, Tool
management methods
"DriveRead" Drive data, read access
"DriveWrite" Drive data, write access
"GudRead" User data, read access
"GudWrite" User data, write access
"FsRead" File system, read access
"FsWrite" File system, write access
"PlcRead" PLC, read access
"PlcWrite" PLC, write access
"AlarmRead" Allows to subscribe to alarms
"RandomRead" Random, read access
"RandomWrite" Random, write access
"SinuReadAll" All of the read access operations mentioned
"SinuWriteAll" All of the write access operations mentioned
"ApWrite" Allows to call method "Select"
"PlcReadDBx" PLC DB read access (x indicates the DB num‐
ber)
"PlcWriteDBx" PLC DB write access (x indicates the DB num‐
ber)
"CsomReadx" CSOM read access (x indicates the name‐
space number, possible numbers: 3-9)1
"CsomWritex" CSOM write access (x indicates the name‐
space number, possible numbers: 3-9)1
Examples:

User administration
Method Description
● GiveUserAccess ("MyUser", "GudRead; PlcWrite")
Sets the read access for user data for the "MyUser" user and sets the write access for the
PLC.
● GiveUserAccess ("John","PlcReadDB100")
Admin gives read rights to user "John" for PLC data block DB100.
1) CSOM read and write access rights is sufficient to access the CSOM namespace. It overwrites all the other user rights.
Therefore, no other additional rights are needed for reading or writing in CSOM address space ( for example, PLC read access
rights is not needed to read the PLC data in CSOM).

Functionality 6
6.1 Overview
Overview
The OPC UA server provides the possibility to communicate with SINUMERIK via OPC UA.
The following functionalities of the OPC UA specification are supported by the server:
● Data Access:
Read, write and subscribe to SINUMERIK variables (NC, PLC)
● Alarms & Conditions:
Event based provision of SINUMERIK alarms and messages from HMI, NC and PLC
● Methods:
User management, file transfer, tool management and program selection
This chapter describes the address space of the OPC UA server and gives further information
how to address some SINUMERIK specific values. Especially since a lot of SINUMERIK values
are stored in arrays or matrices.
Furthermore you can find description on the SINUMERIK alarm object and how to get the
alarms from the server.
At the end of this chapter explanation on how users can transfer files from or to the server using
the SINUMERIK file system.

Functionality
6.2 Address space model
Address space model

If the OPC UA server is browsed, the available address space is mapped under the "Sinumerik"
node.
Global User Data (GUD) can be found under the "/Sinumerik/GUD" node.
The PLC blocks (inputs, outputs, bit memory, data blocks) can be found under the "/Sinumerik/
Plc" node.
Machine data can be found under the node "/Sinumerik/TEA".
Setting data can be found under the node "/Sinumerik/SEA".
Observe the following while browsing:
● In the address space of the NC, the displayed variables always represent only the first
parameter of the corresponding unit.
Example:
The R parameters can be found under "Sinumerik > Channel > Parameter > R". The
corresponding identifier is called "/Channel/Parameter/R", which is finally mapped to "/
Channel/Parameter/R[u1, 1]". If you want to access other parameters, you need to specify
the corresponding index in brackets, e. g. "/Channel/Parameter/R[u2,56]".
● In the address space of the PLC, the displayed variables represent the access format that
has to be extended accordingly.
Example:
The variable "/Plc/MB" is in the address space and is mapped to "/Plc/MB0". For accessing
further bytes this variable must be extended by the appropriate byte number, e.g. "/Plc/
MB6".
● The address space of the NC also contains variables that are not available in a
corresponding machine configuration. These variables return "BadAttributeIdInvalid" as
value.

Functionality
Figure 6-1 Browsing

Functionality
6.3 Variable access
6.3 Variable access
6.3.1 Variable paths for NC access operations
Note
You have to pay attention to the correct upper-case and lower-case of the "nodeID". The
respective identifier of the "nodeID" provides information on the correct notation.
Variable access
The variable paths for NC access are stored in the address space of the SINUMERIK Operate
OPC UA server.
You can obtain further information from the List Manual for 840D sl and 828D "NC variables and
interface signals" (https://support.industry.siemens.com/cs/de/de/view/109748365/en).
Figure 6-2 Identifier for R parameter
The displayed NC variables always represent only the first parameter of the corresponding NC
data area (channel, TO area, mode group).
Example
Syntax of the R parameter is as follows: R[Channel,Parameter]

Functionality
6.3 Variable access
The R parameters are found under the identifier "/Channel/Parameter/R", which is eventually
mapped to "/Channel/Parameter/R[u1, 1]". If you want to access other parameters, you must
correspondingly extend the identifier, for example "/Channel/Parameter/R[u2, 56]".
Table 6-1 Examples of variable paths (NC access operations)
Variable path Description

/Channel/Parameter/R[u1,10] R parameter 10 in channel 1
/Channel/Parameter/R[u1,1,5] R parameter array
/Channel/Parameter/R[u1,1,#5] R parameters 1 to 5 in channel 1
/Channel/GeometricAxis/name[u2,3] Name of the 3rd axis in channel 2
/Channel/GeometricAxis/actToolBasePos[u1,3] Position of the 3rd axis in channel 1
Note
Please keep in mind that with array access only max 149 parameters are allowed in one access
operation (for example /Channel/Parameter/R[u1, 1, #149]).
6.3.2 Variable paths for GUD access operations

GUD variables can be found in the OPC UA server under the "/Sinumerik/GUD" node.
The displayed GUD variables always represent only the first parameter (for GUD arrays) of the
first NC channel (for channel-dependent GUD variables). If you want to access a different
parameter of a GUD array or a different channel, you must extend the identifier accordingly for
the NC access.
GUD arrays are 1-indexed for access, and access is always one-dimensional. This means, the
index must be calculated for multi-dimensional arrays.
Example 1: One-dimensional array, NC-global GUD array

"UGUD.DEF" file
DEF NCK INT ARRAY[2]

M17
Access is performed as follows:
ARRAY[0] → /NC/_N_NC_GD3_ACX/ARRAY[1]
ARRAY[1] → /NC/_N_NC_GD3_ACX/ARRAY[2]
Example 2: Two-dimensional array, channel-dependent GUD array

"UGUD.DEF" file
DEF CHAN INT ABC[3,3]

M17

Functionality
6.3 Variable access
Access is performed as follows:
ABC[0,0] → /NC/_N_CH_GD3_ACX/ABC[u1, 1]
ABC[0.1] → /NC/_N_CH_GD3_ACX/ABC[u1, 2]
6.3.3 Variable paths for PLC access operations

PLC variables can be found in the OPC UA server under the "/Sinumerik/Plc" node.
In the address space of the PLC, the displayed variables represent the access format that has
to be extended accordingly.
Example
Syntax of the PLC variable is as follows: "/Plc/MB"
This variable must be extended by the appropriate byte number, e.g. to "/Plc/MB6".
Note
On SINUMERIK 828D, you can only access the freely definable customer data blocks from
DB9000.
Access formats
The various access formats are shown in the following table. They need to be prefixed with "/
Plc/".
Note
The data type is converted during access with the OPC UA data access interface. Refer to the
following table for the data type conversions.
Table 6-2 PLC syntax
Area Address (IEC) Permissible data types OPC UA data type

Output image Qx.y BOOL Boolean
Output image QBx BYTE, CHAR, UInt32
STRING String
Output image QWx WORD, CHAR, UInt32
INT, Int32

Functionality
6.3 Variable access
Area Address (IEC) Permissible data types OPC UA data type

Output image QDx DWORD, UInt32
DINT, Int32
REAL Double
Data block DBz.DBXx.y BOOL Boolean
Data block DBz.DBBx BYTE, CHAR, UInt32
STRING String
Data block DBz.DBWx WORD, CHAR, UInt32
INT Int32
Data block DBz.DBDx DWORD, UInt32
DINT, Int32
REAL Double
Input image Ix.y BOOL Boolean
Input image IBx BYTE, CHAR, UInt32
STRING String
Input image IWx WORD, CHAR, UInt32
INT Int32
Input image IDx DWORD, UInt32
DINT, Int32
REAL Double
Bit memory Mx.y BOOL Boolean
Bit memory MBx BYTE, CHAR, UInt32
STRING String
Bit memory MWx WORD, CHAR, UInt32
INT Int32
Bit memory MDx DWORD, UInt32
DINT, Int32
REAL Double
Counters Cx - Byte
Timers Tx - UInt32
PLC time Clock - UInt16
Notes regarding the table:

● "x" represents the byte offset; "y" the bit number in the byte and "z" the data block number.
● The data type in bold characters is the default data type and does not have to be specified.
The specifications DB2.DBB5.BYTE and DB2.DBB5 are equivalent.
● Square brackets are used to access arrays, e.g. "/Plc/DB5.DBW2:[10]" (word array of length
10).
● Access to STRING arrays ("/Plc/DB123.DBB0:STRING[5]") is not supported.
Examples of variable paths (PLC access operations)
Table 6-3 Examples of variable paths (PLC access operations)

/Plc/M5.0 Memory bit 0 at byte offset 5
/Plc/DB5.DBW2 Word (16-bit) at byte offset 2 in data block 5

Functionality
6.3 Variable access

/Plc/DB8.DBB2:STRING UTF8 string beginning at byte offset 2 in data block 8
/Plc/DB8.DBW2:[10] Array of 10 words beginning at byte offset 2 in data block 8
/Plc/DB100.DBB1 Byte at byte offset 1 in data block 100
/Plc/DB2.DBD0:REAL[10] Array of 10 double words (32-bit) beginning at byte offset 0 in data block 2, which are
formatted as a floating-point number
Note
● Timers can only be read. A timer is active if it contains a value other than 0.
● If the data type CHAR or STRING is used in conjunction with a byte access, UTF8
characters are read, but if either data type is used in conjunction with a word access, UTF16
characters are read.
● Variables of the STRING type contain the maximum length in the first byte and the actual
length in the second byte. When strings are written, the actual length is adapted accordingly.
The maximum length is not changed.
● For the STRING data type in conjunction with a byte access (e.g. "/Plc/
DB99.DBB0:STRING"), the maximum string length is 255 characters. As a result of the
UTF8 formatting, for some characters (e.g. for the "µ"), two bytes are required so that the
maximum string length is correspondingly reduced.
● Only one-dimensional arrays are supported.
6.3.4 Variable paths for machine and setting data

The variable paths for machine and setting data are stored in the address space of the OPC UA
server under the nodes "/Sinumerik/TEA" and "/Sinumerik/SEA". Pay attention to the correct
upper-case and lower-case of the "nodeID". The respective identifier of the "nodeID" provides
information on the correct notation.
The displayed machine and setting variables always represent only the first parameter of the
corresponding data area (channel, axis).
Table 6-4 Examples of variable paths (machine and setting data)

/NC/_N_CH_TEA_ACX/$MC_CHAN_NAME Channel name of channel 1
/NC/_N_CH_TEA_ACX/$MC_CHAN_NAME[u2] Channel name of channel 2
Machine data arrays are 1-indexed for access.
6.3.5 Variable paths for 1:N configuration (only target system PCU)
By default, data is accessed on the NCU which is being viewed by SINUMERIK Operate.
Switching to a different NCU in the SINUMERIK Operate results in a situation where the OPC
UA server is also looking at the value of the now active NCU.
If the access is to be to a specific NCU, the NodeId must be expanded with a prefix:

Functionality
6.3 Variable access
/Random@<NCUName><NodeId> Examples of variable paths (1:N constellation)
Examples of variable paths (1:N constellation)

/Random@NCU_1/Channel/Parameter/R[u1,10] R parameter 10 in channel 1 of
NCU_1R parameter 10 in channel
1 of NCU_2
/Random@NCU_2/Channel/Parameter/R[u1,10]
/Random@NCU_1/Plc/DB123.DBB0 Byte at byte offset 0 in data block
123 of NCU_1
Note
The NCU names are listed in the "MMC.ini" file.
Entry:
[GLOBAL]
NcddeMachineNames=NCU1,NCU2
Figure 6-3 NCU names with 1:N

Functionality
6.3 Variable access
6.3.6 Finding of OPC UA variables

You can find further information on variable documentation in the list manualNC variables and
interface signals (https://support.industry.siemens.com/cs/de/de/view/109748365/en)
Example 1: Finding an OPC UA variable in the variable documentation

You want to find the variable "opMode" in folder "/Bag/State".
1. Refer to the document mentioned above. Search for "opMode".

Functionality
6.3 Variable access
Example 2: Finding an OPC UA variable occurring in different folders in the variable documentation
You want to find the variable "cuttEdgeParam" which occurs in the folder "/Channel/
Compensation" and "/Tool/Compensation".

Functionality
6.3 Variable access
1. At the beginning of each chapter for variable sections, you find the information "OEM-MMC:
LinkItem" specifying "/ToolCompensation/“.
2. Refer to the document and search for "ChannelCompensation" and then navigate manually
to the requested parameter "cuttEdgeParam".
Example 3: Finding a variable from documentation on OPC UA client

You want to find the variable "cuttEdgeParam" in the Tool edge data section.
1. At the beginning of each chapter of the variable documentation you find the information
"OEM-MMC: LinkItem" specifying here "/ToolCompensation/".
2. Therefore you will find the variable "cuttEdgeParam" in the OPC UA Browse Tree in the
folder "Tool", subfolder "Compensation".

Functionality
6.3 Variable access
6.3.7 Monitored items

An OPC UA client can subscribe to a selection of nodes of interest and let the server monitor
these items. Only in case of changes, e.g. to their values, the server notifies the client about
such changes. This mechanism reduces the amount of transferred data immensely. Besides
the reduction of bandwidth this mechanism introduces further advantages and is the
recommended mechanism to “read” information from a UA server.
A client can subscribe to different types of information provided by an OPC UA server. The
purpose of a subscription is to group these sources of information, called monitored items,
together, forming a piece of information called a notification.
A subscription consists of at least one monitored item, which has to be created within the
context of a session and can be transferred to another session. To create a session, a secure
channel between the client and the server has to be established.
There are two different types of “changes” a client can subscribe to when adding monitored
items to the subscription:
● subscribe to data changes of Variable Values (Value attribute of a Variable)
● subscribe to Events of Objects (EventNotifier attribute of an Object)
Publish interval
Clients define MonitoredItems to subscribe to data and Events. Each MonitoredItem identifies
the item to be monitored and the Subscription to use to send Notifications. The item to be
monitored may be any Node Attribute.
Notifications are data structures that describe the occurrence of data changes and Events.
They are packaged into NotificationMessages for transfer to the Client. The Subscription
periodically sends NotificationMessages at a user-specified publishing interval, and the cycle
during which these messages are sent is called a publishing cycle." (see OPC UA Part 4 -
Services 1.03 Specification.pdf (https://opcfoundation.org/))
Sampling interval
Each MonitoredItem created by the Client is assigned a sampling interval that is either inherited
from the publishing interval of the Subscription or that is defined specifically to override that
rate. [...] The sampling interval indicates the fastest rate at which the server should sample its
underlying source for data changes. (see OPC UA Part 4 - Services 1.03 Specification.pdf
(https://opcfoundation.org/))
See also
Technical data (Page 133)

Functionality
6.4 Alarms
6.4 Alarms
6.4.1 Overview
Any OPC UA client supporting Alarms & Conditions connected to the OPC UA server can
subscribe to alarms to get the notifications of alarms.
All OPC UA Clients that have subscribed for SINUMERIK alarms will be provided with an alarm
as soon as it becomes active. Also if the alarm becomes inactive, the status of the
corresponding alarm/s will be updated automatically.
Alarms and Conditions support subscription of all the pending and active alarms of the
SINUMERIK system. Part program messages are not supported as part of Alarms and
Conditions, but can be received using data access. The OPC UA Server provides all alarms
that will be provided by the SINUMERIK AlarmService:
● HMI alarms
● NCK alarms including drive alarms
● Diagnostic buffer alarms
● PLC alarms (FC10)
● Alarm_S(Q) alarms (SFC17/18, PDiag, HiGraph, S7-Graph) with results of criteria analysis.
Multi language support for the alarms and warnings messages are supported and the required
alarm language can be selected during session creation in OPC UA Client. If the desired
language is not supported in the operate, the default English language is supported.
The SINUMERIK Alarm object is of the "CNCAlarmType" which is defined in the Companion
Specification "OPC UA Information Model for CNC Systems (http://opcfoundation.org/UA/
CNC/)".

Functionality
6.4 Alarms
6.4.2 Subscribe / unsubscribe to alarms
Subscribe to alarms
The SINUMERIK Alarm Event object is connected to the SINUMERIK node. To receive the
alarms, an event subscription must be placed at the SINUMERIK node. The following example
describes how to receive the alarms using the OPC UA Foundation Client:
1. Open the "Quickstart Alarm Condition Client".
Figure 6-4 Alarm Condition Client
2. Click "Conditions > Set Area Filter…". The "Select Area" window appears.
Figure 6-5 The Select Area Window
3. Select "Sinumerik".
4. Click "OK".
The alarms will be displayed on the screen.

Functionality
6.4 Alarms
Figure 6-6 Alarm List
Unsubscribe to alarms
1. Click "Conditions > Set Area Filter…". The "Select Area" window appears.
2. Right click on "Sinumerik" and select "Remove Monitored Item" to unsubscribe the server
from the Quickstart Alarm Condition Client.
6.4.3 Sequence description of alarms

The OPC UA server automatically sends an object of the "CNCAlarmtype" to the OPC UA client
containing the single alarm which has just been triggered.
The OPC UA server automatically resends an object of the "CNCAlarmtype" with the same
content as when the corresponding alarm was triggered, except a change in the status.
To get all the active alarms, the client has to subscribe to the Sinumerik node.
6.4.4 SINUMERIK Alarm object
6.4.4.1 Description
Every variable or object in the address space of an OPC UA server is called a node. Every node
has a server unique node id, its symbolic name, addressing information inside the address
model and some other attributes.
Events are by themselves not visible as nodes in the address space. They can only be received
via objects. Not all objects can signal events. Whether an object can signal events is specified
at the object by the EventNotifier attribute. Only objects where this attribute has been set can
be specified in the Event Monitored Item and received in Clients Events.
The Server Object serves as root notifier, that is, its EventNotifier Attribute shall be set providing
Events. However Server object will not be allowed to subscribe for the Events. Only the
"Sinumerik" Object node is accessible and can subscribe to the events.

Functionality
6.4 Alarms
6.4.4.2 OPC UA event messages and alarms
Access to alarms
User access right is required to subscribe the Events of the Sinumerik object. User access right
with access permission has to be set to “SinuReadAll“ or “AlarmRead“.The access right is
provided using Method Call “GiveUserAccess” as shown below.
Figure 6-7 Alarm access rights
If the client does not have the access with “SinuReadAll “or “AlarmRead” and user tries to
subscribe to the Events, server will return error code with “BadUserAccessDenied”.
Event types
The SINUMERIK Alarm object is of the “CNCAlarmType” which is defined in the Companion
Specification “OPC UA Information Model for CNC Systems (http://opcfoundation.org/UA/
CNC/)”.
The root of the derivation hierarchy is the BaseEventType. The types for Alarms and Conditions
are available below the ConditionType. The Application-specific event types such as
CncAlarmType can be derived. The CncAlarmType extends the DiscreteAlarmType.
An alarm is composed of various nested or parallel state machines. Monitoring can generally
be enabled or disabled. If monitoring is enabled, the alarm can be active or otherwise inactive.
Acknowledgment, confirm and comments of alarms is currently not supported.
The basic type for all condition objects is the condition type. It is derived from BaseEventType.
All mechanisms for alarm processing work even without the condition objects are contained in
the address space.

Functionality
6.4 Alarms
If a condition object changes one or several states, the server sends an event with the
requested event fields to the client. So only the alarms, where a status change happens after
the connection is established, will be sent. To receive all currently active alarms the refresh
method can be used.
CncAlarmType
The CncAlarmType, which is specified in the Companion Specification “OPC UA Information
Model for CNC Systems” is derived from the DiscreteAlarmType, which is defined by the OPC
Foundation.
%DVH23&8$
%DVH(YHQW7\SH &RQGLWLRQ7\SH $FNQRZOHGJHDEOH ,QIRUPDWLRQ0RGHO
&RQGLWLRQ7\SH
'LVFUHWH$ODUP $ODUP&RQGLWLRQ
7\SH 7\SH
&QF$ODUP7\SH
$ODUP,GHQWLILHU
$X[3DUDPHWHUV
+HOS6RXUFH
23&8$,QIRUPDWLRQPRGHO
IRU&1&6\VWHPV
Figure 6-8 OPC UA Information Model for CNC Systems
Description of the CncAlarmType

Since the CncAlarmType is derived from a number of types as you can see in Figure 5-8, it does
not only contain the three attributes AlarmIdentifier, AuxParameters and HelpSource, but also
all the other attributes which are inherited from the objects.

Functionality
6.4 Alarms
Attributes of BaseEventType
Attribute Data type Mapping with respect to SINU‐ M/O Description

MERIK
EventId String Unique node id generated from M EventId is generated by the server to
SINUMERIK system. uniquely identify a particular Event Notifi‐
cation.
The EventId shall always be returned as
value and the server is not allowed to return
a StatusCode for the EventId indicating an
error.
EventType NodeId It is always set to ‘CncAlarmType’. M The EventType shall always be returned as
value and the server is not allowed to return
a StatusCode for the EventType indicating
an error.
SourceNode NodeId Alarm source identifier provided M SourceNode identifies the Node that the
by SINUMERIK system. Event originated from. If the Event is not
specific to a Node, the NodeId is set to null.
SourceName String Supported alarm source names M SourceName provides a description of the
are HMI, NCK, and PLC. source of the Event. This could be the
string-part of the DisplayName of the Event
source using the default locale of the serv‐
er.
If it is not possible for a CNC system to pro‐
vide this information in detail, the Source‐
Name should provide the main component
responsible for this alarm (e.g. CNC, PLC,
or even Channel).
Time UtcTime Alarm time stamp M Time provides the time of the Event occur‐
red. Once set, intermediate OPC UA serv‐
ers shall not alter the value.
ReceiveTime UtcTime Alarm time stamp of the server. M ReceiveTime provides the time the OPC
UA server received the Event from the un‐
derlying device of another server.
Message Localized Text Reading attributes via M Alarm Message provides a human reada‐
(SLAE_EV_ATTR_MSG TEXT) ble and localizable text description of the
Event.

Functionality
6.4 Alarms

MERIK
Severity UInt16 Reading attributes via M Severity of the event message. The range
(SLAE_EV_ATTR_SEVE RITY) of values of the severity is from 1 to 1000,
where 1000 corresponds to the highest se‐
verity.
LocalTime TimeZoneDa‐ Offset and the DaylightSavingI‐ O LocalTime is a structure containing the Off‐
taType nOffset flag set and the DaylightSavingInOffset flag.
The Offset specifies the time difference (in
minutes) between the Time Property and
the time at the location in which the event
was issued.
If DaylightSavingInOffset is -
TRUE: Standard/Daylight savings time
(DST) at the originating location is in effect
and Offset includes the DST correction.
FALSE: The Offset does not include DST
correction and DST may or may not have
been in effect.
Severity of Alarms
SINUMERIK systems use three severity levels (e.g. Information, Warning and Error). The table
below shows the values at SINUMERIK system and its mapping in OPC UA server/client:
Severity Level SINUMERIK System OPC UA server/client

Information 0-1 1
Warning 2-999 500
Error 1000 1000
Additional attributes of the ConditionType

MERIK
ConditionCla NodeId Unique node id (sum of alarm id M String NodeID
ssId and alarm instance) SystemConditionClassType
ConditionCla String Set to “SystemConditionClas‐ M SystemConditionClassType
ssName sType"
ConditionNa String Set to “SystemCondition”. M ConditionName identifies the Condition in‐
me stance that the Event originated from. It
can be used together with the Source‐
Name in a user display to distinguish be‐
tween different Condition instances.
Retain Boolean True when the alarm is active. M Information whether or not the alarm shall
False otherwise. be displayed.
This is set to true by default.

Functionality
6.4 Alarms

MERIK
Quality String According to SINUMERIK quality M The quality provides information about the
attribute, below string will be set: reliability of an alarm.
● BAD Possible values of SINUMERIK:
● GOOD AlarmQuality.QUALITY_BAD = 0
● UNCERTAIN AlarmQuality.QUALITY_GOOD =
192
AlarmQuality.QUALITY_UNCERTAIN
= 64
LastSeverity UInt16 Reading attributes M LastSeverity provides the previous severity
via(SLAE_EV_ATTR_SEVERITY) of the ConditionBranch. Initially this Varia‐
ble contains a zero value; it will return a
value only after a severity change. The new
severity is supplied via the Severity Prop‐
erty which is inherited from the BaseEvent‐
Type.
BranchId NodeId Null M BranchId is Null for all Event Notifications
that relate to the current state of the Con‐
dition instance.
Comment LocalizedText Null M The value of this Variable is set to null.
ClientUserId String Null M The value of this Variable is set to null.
Enable Not supported M Servers do not expose Condition instances
in the AddressSpace.
Disable Not supported M Servers do not expose Condition instances
in the AddressSpace.
AddComment Not supported M Not supported and the result code should
return Bad_MethodInvalid.
ConditionRe‐ None When the method is called up, an event
freshMethod with the current state is triggered for the
calling client for all conditions. Only those
conditions are updated for which the Re‐
tain flag has been set.
Additional attributes of the AcknowledgeableConditionType

MERIK
AckedState Localized text True / False M AckedState when FALSE indicates that the
Condition instance requires acknowledge‐
ment for the reported Condition state.
When the Condition instance is acknowl‐
edged, the AckedState is set to TRUE.
Confirmed‐ LocalizedText True / False O ConfirmedState indicates whether it re‐
State quires confirmation.
EnabledState Localized text True / False M Always set to true

Functionality
6.4 Alarms

MERIK
Acknowledge Not supported M Not Supported and the return error code
shall be Bad_MethodInvalid.
Confirm O The Confirm Method is used to confirm an
Event Notifications for a Condition instance
state where ConfirmedState is FALSE.
Normally, the NodeId of the object instance
as the ObjectId is passed to the Call Serv‐
ice. However, some Servers do not expose
Condition instances in the AddressSpace.
Therefore all Servers shall also allow Cli‐
ents to call the Confirm Method by specify‐
ing ConditionId as the ObjectId. The Meth‐
od cannot be called with an ObjectId of the
AcknowledgeableConditionType Node.
Additional attributes of the CncAlarmType

The CNCAlarmType is defined in the VDW Companion Specification “OPC UA Information
Model for CNC Systems”.

MERIK
AlarmIdentifi‐ String Unique Alarm id. M Unique alarm number. This mapped to
er Alarm ID.
AuxParame‐ String All available (out of 10) parame‐ M 10 Auxilliary parameter values provided by
ters ters will be displayed in ‘ ‘ separa‐ SINUMERIK system.
ted value.
6.4.5 Language of alarms
6.4.5.1 OPC UA language specification

The OPC UA server has a built-in data type "LocalizedText" to store the language specific
alarm text. This data type defines a structure containing a string in a locale-specific translation
specified in the identifier for the locale. The elements are defined in the table below :-
Name Type Description

LocalizedText structure
text String The localized text.
locale LocaleId The identifier for the locale (e.g. “en-
US”).
The "LocaleId" is a simple data type that is specified as a string that is composed of a language
component and a country/region component as specified by IEEE 754-1985 (http://
standards.ieee.org/findstds/interps/index.html), IEEE Standard for Binary Floating-Point
Arithmetic. The <country/region> component is always preceded by a hyphen.

Functionality
6.4 Alarms
The format of the LocaleId string is shown below:

<language>[-<country/region>]
● <language> is the two letter ISO 639 code for a language
● <country/region> is the two letter ISO 3166 code for the country/region
For more information, refer to the specification OPC UA Part3 - Address Space Model 1.03
Specification.pdf
6.4.5.2 SINUMERIK language specification

The SINUMERIK system currently supports 31 languages which are mentioned below. These
languages are identified by the 3-letter abbreviation that follows Microsoft conventions.
Note
In the list of languages that are mentioned, not every language is supported always.
6.4.5.3 Mapping of SINUMERIK LanguageID with OPC UA LocaleID

Mapping of the SINUMERIK LanguageID with the OPC UA specific LocaleId for each of the
supported languages.
Language SINUMERIK LanguageID OPC UA Specific LocaleId

German - Germany deu de-DE
English - United Kingdom eng en-GB
Chinese (Simplified) chs zh-CHS
Chinese (Traditional) cht zh-CHT
Czech - Czech Republic csy cs-CZ
Danish – Denmark dan da-DK
Bulgarian - Bulgaria bgr bg-BG
Greek – Greece ell el-GR
Spanish – Spain esp es-ES
Finnish – Finland fin fi-FI
French – France fra fr-FR
Hindi – India hin hi-IN
Croatian – Croatia hrv hr-HR
Hungarian – Hungary hun hu-HU
Indonesian – Indonesia ind id-ID
Italian – Italy ita it-IT
Japanese - Japan jpn ja-JP
Korean – Korea kor ko-KR
Malay – Malaysia msl ms-MY
Dutch - The Netherlands nld nl-NL
Polish – Poland plk pl-PL
Portuguese - Brazil ptb pt-BR

Functionality
6.4 Alarms
Language SINUMERIK LanguageID OPC UA Specific LocaleId

Romanian - Romania rom ro-RO
Russian – Russia rus ru-RU
Slovak – Slovakia sky sk-SK
Slovenian – Slovenia slv sl-SI
Swedish – Sweden sve sv-SE
Tamil – India tam ta-IN
Thai – Thailand tha th-TH
Turkish – Turkey trk tr-TR
Vietnamese - Vietnam vit vi-VN
In the above list “OPC UA Specific LocaleId” is used by the OPCU UA client to connect with the
server.
6.4.6 OPC UA alarms and conditions constraints

Below are the features which are not supported in this version:
● Acknowledgements and confirmation of the alarms.
● Part program messages
● Only alarm text will be available in localized text. All other attributes will be available in
English only.

Functionality
6.4 Alarms
6.4.7 OPC UA alarms and conditions client
User interface
The figure and table below describes the user interface of the UaExpert client example with
which the information of the namespace of an OPC UA server can be conveniently accessed.
① The Alarm window

② Displays the received events with preconfigured event fields. The standard event fields are:
● In the Events tab: Time, ReceiveTime, Severity, SourceName, Message, EventType and
SourceNode
● In the Alarms tab: AcknowledgeState, Time, Severity, SourceName, Message,
ConditionName, ActiveState and Retain Flag
③ In the first column of the Alarm tab, a symbol indicates whether an event has already been
Acknowledged. (red flag: unacknowledged, green checkmark: acknowledged)
④ The Alarm / Event Subscription View
⑤ Alarm / Event Instances:
The user needs to subscribe to these instances (by dragging or by configuring).
Figure 6-9 User interface UaExpert client

Functionality
6.4 Alarms
6.4.8 OPC UA multi-language alarms and conditions client

The OPC UA client must explicitly provide the OPC UA specific language "LocaleId" to change
the alarm texts. Below is an example of changing the client language using OPC UA foundation
stack client.
Figure 6-10 OPC UA multi-language alarms and conditions client using 　OpcUa foundation .Net
Client
In the case of UaExpert client proceed as follows:

1. Open the “Configure UaExpert” window under "Settings" Tab in the client
2. Provide the OPC UA specific "LocaleId" as value for the parameter "General.LocaleId".
3. Then connect to the server.
Figure 6-11 Client User Interface for changing Session Language

Functionality
6.4 Alarms
Language OPC UA Specific LocaleId

German - Germany de-DE
English - United Kingdom en-GB
Chinese (Simplified) zh-CHS
Chinese (Traditional) zh-CHT
Czech - Czech Republic cs-CZ
Danish – Denmark da-DK
Bulgarian - Bulgaria bg-BG
Greek – Greece el-GR
Spanish – Spain es-ES
Finnish – Finland fi-FI
French – France fr-FR
Hindi – India hi-IN
Croatian – Croatia hr-HR
Hungarian – Hungary hu-HU
Indonesian – Indonesia id-ID
Italian – Italy it-IT
Japanese - Japan ja-JP
Korean – Korea ko-KR
Malay – Malaysia ms-MY
Dutch - The Netherlands nl-NL
Polish – Poland pl-PL
Portuguese - Brazil pt-BR
Romanian - Romania ro-RO
Russian – Russia ru-RU
Slovak – Slovakia sk-SK
Slovenian – Slovenia sl-SI
Swedish – Sweden sv-SE
Tamil – India ta-IN
Thai – Thailand th-TH
Turkish – Turkey tr-TR
Vietnamese - Vietnam vi-VN

Functionality
6.5 File system
6.5 File system
6.5.1 Overview
SINUMERIK OPC UA supports the standard OPC UA file and folder objects, which allows
transfer of files as well as the manipulation of the file systems.
Furthermore, the server offers 2 comfort methods to copy NC part programs from the OPC UA
client to the OPC UA server and vice versa. Due to the nature of the method this comfort
methods are limited to a file size of 16 MB. For bigger files please use the file and folder objects
as described in chapter File transfer exceeding 16 MB between client and server (Page 107).
Operations
This allows an OPC UA client to use the following operations within the part of the SINUMERIK
file system:
1. Create files/directories
2. Copy files/directories
3. Moving files/directories
4. Deleting files/directories
5. Renaming files/directories
File system
The standard OPC UA file system is placed in the SINUMERIK folder and the file structure of
the NCU is as shown below:
1. Part Programs
2. Sub Programs
3. Work Pieces
4. NCExtend (External CF Card/internal CF Card)
Note
For 840D sl
For NCU, external CF Card/internal CF Card is supported.
For IPC/PCU, SSD/Harddisk is supported.
5. ExtendedDrives (USB/Networkshare)
Note
The ExtendedDrives folder will only be displayed if there are external drives available.
Please keep in mind that a licence my be required to use these external drive.

Functionality
6.5 File system
Note
NCExtend and ExternalDrives option is supported for SINUMERIK Operate version 4.7 or later.
Figure 6-12 The file system
6.5.2 Prerequisites
The OPC UA server allows the OPC UA client to support the transfer of files between the client
and the server.

Functionality
6.5 File system
As a user, you will require user access rights to access these files from the server. The access
rights are provided using the "GiveUserAccess" method. The following access rights can be
provided for the file system (also see chapter List of rights (Page 72)):
● FsRead for the standard file system methods like Open, GetPosition, Read as well as the
CopyFileFromServer method.
● FsWrite for the standard file system methods like CreateDirecotry, CreateFile, Delete,
MoveOrCopy, Write, SetPosition, Close as well as the CopyFileToServer method.
Figure 6-13 Standard Method

Functionality
6.5 File system
6.5.3 Standard file system support
6.5.3.1 File transfer with standard methods

The SINUMERIK OPC UA server supports the "FileType"/"FolderType" as described in the
OPC UA Specification Part 5, which allows manipulating files and folders via OPC UA.
Folder methods
The folders, "Part Programs", "Sub Programs", "Work Pieces", "NCExtend", and
"ExtendedDrives" are of the "FolderType", which contain the following methods:
Method/Attribute Description
CreateDirectory To create new folders under parent folder.
CreateFile To create new file under parent folder.
Delete To delete folder and file under parent folder.
MoveOrCopy To copy or move files from source to destination
within server filesystem.
You can create, delete, move or copy folders and files using the above methods. When you
create a new folder using "CreateDirectory"’, a new node will be created with "FolderType" and
name provided by the user in OPC UA client. This folder contains all methods and attributes
specified in above table.
The node in the address space, under which the "CreateDirectory" method is called, is the
"parent" node of the new folder node.
The folder methods exist under all folder type objects in the file system. Please note that you
must always call the method under the direct parent node of the file or folder.
For the methods "Delete" and "MoveOrCopy" you must always provide the full identifier of the
node to be moved, copied or deleted.
Whenever you create a new file using the method "CreateFile", a new node will be created with
"FileType" with a user provided name. This file again contains all methods and attributes
specified in the table above. The node in address space, under which the "CreateFile" method
is called, is the "parent" node of the new file node. For specific information for the described
methods, check the Typedefinition in the OPC UA Specification Part 5.
Examples for the usage of the folder methods
Use Case Where to call Input parameter

CreateDirectory Method must be called under the node Folder name
where the files should be created (e. g.
"SINUMERIK/FileSystem/Part Pro‐
grams/")
CreateFile Method must be called under the node Filename incl. file extension (e. g. "My‐
where the files should be created (e. g. PartProgram.mpf")
"SINUMERIK/FileSystem/Part Pro‐
grams/")

Functionality
6.5 File system
Use Case Where to call Input parameter

Delete Method of the direct parent node of the Identifier of the file/folder (e. g. "SINU‐
file/folder to be deleted must be called MERIK/FileSystem/Part Programs/Test/
(e. g. to delete a file located under "SIN‐ MyPartProgram.mpf")
UMERIK/FileSystem/Part Programs/
Test" the method of the folder "Test"
must be called)
MoveOrCopy Method of the direct parent node of the Identifier of the source file/folder as well
file/folder to be moved or copied must be as identifier of the target folder (e. g.
called (e. g. to move or copy a file loca‐ Mover or copy the file "MyProgram.mpf"
ted under "SINUMERIK/FileSystem/ from the folder "Test" to the folder "Part
Part Programs/Test" the method of the Programs"
folder "Test" must be called) Source: "SINUMERIK/FileSystem/Part
Programs/Test/MyPartProgram.mpf"
Target: "SINUMERIK/FileSystem/Part
Program/MyPartProgram.mpf")
File methods
All files which are in the above mentioned folders will be of the "FileType" type and consist of
the following methods and properties:
Method/Attribute Description
Open Opens the file either in read/write mode.
Read Reads contents of the file.
Write Writes data to the file. (if write permission is avail‐
able)
Close Closes the file. (succeeds if file is open)
GetPosition Gets the position of current position of file pointer
while file read/write operation.
SetPosition Sets the position of current position of file pointer
while file read/write operation.
OpenCount Gives the number of file open instances.
Size Gives the file size details.
UserWritable Set to true if current user has access to modify the
content of the file.
Writable Set to false if the file is read only.
Whenever you create a new file using the method "CreateFile", a new node will be created with
"FileType" type with a user provided name. This file again contains all methods and attributes
specified in the table above. The node in address space, under which the "CreateFile" method
is called, is the "parent" node of the new file node. For specific information for the described
methods, check the type definition in the OPC UA Specification Part 5 Annex C.
Note
No multiple extensions supported
The methods "CreateFile","CopyFileToServer", "CopyFileFromServer" and "MoveOrCopy" will
not support files with multiple extensions (i.e. test.mpf.mpf).

Functionality
6.5 File system
6.5.3.2 File transfer exceeding 16 MB between client and server

For file transfer, the OPC UA specification v1.0X, Part 5, Annex C offers the use of file and
folder object methods.
How can a file transfer be implemented in a client using the file and folder object methods?
The basic idea is to open a file and copy the content from location A to B and then close the file.
Therefore to copy a file from the SINUMERIK to an OPC UA client the client needs to do the
following:
● Open the file on the SINUMERIK via the Open method,
● then pass the received handle to the Read method and operate on arrays of bytes,
● then close the file via the Close method.
For the other direction, the file has to be created on the SINUMERIK file system first, using the
Create method.
23&8$&OLHQW 23&8$&OLHQW)LOH7\SH 23&8$6HUYHU)LOH7\SH 23&8$6HUYHU
2SHQPRGH
ILOH+DQGOH
WHVWPSI
ILOH+DQGOH
5HDGILOH+DQGOHOHQJWKGDWD
)LUVW1GDWD
1!LWFDQGLIIHU
'DWD GHSHQGLQJRQWKHFOLHQW
VHWWLQJV
'DWD 1H[W1GDWD
WHVWPSI
'DWD
,IWKH%\WH6WULQJLV
HPSW\LWLQGLFDWHVWKDW
WKHHQGRIWKHILOHLV
'DWD UHDFKHG
&ORVHILOH+DQGOH
Figure 6-14 File transfer from server to client using standard file system methods

Functionality
6.5 File system
23&8$&OLHQW 23&8$&OLHQW)LOH7\SH 23&8$6HUYHU)LOH7\SH 23&8$6HUYHU
2SHQPRGH
ILOH+DQGOH
ILOH+DQGOH
:ULWHILOH+DQGOHOHQJWKGDWD )LUVW1%\WHGDWD

1!LWFDQGLIIHU
GHSHQGLQJRQWKHFOLHQW
VHWWLQJV
:ULWHILOH+DQGOHOHQJWKGDWD
WHVWPSI 'DWD
1H[W1%\WHGDWD
:ULWHILOH+DQGOHOHQJWKGDWD
/DVW1%\WHGDWD
'DWDZULWWHQWRILOH
&ORVHILOH+DQGOH
WHVWPSI
7KHVHVVLRQLVHQGHG
ZLWKRXWFDOOLQJWKH&ORVH
PHWKRG
'DWDZLOOEHORVW
Figure 6-15 File transfer to server from client using standard file system methods
6.5.3.3 Comfort methods for file transfer < 16 MB

In addition to the standard file system, two additional methods are provided to transfer files from
server to client and vice versa.
Note
With these methods, you will be able to transfer maximum of 16 MB by default, depending on
the client settings. As the maximum ByteString and message size depends on the server and
client-side stack limit. For file transfer more than 16 MB, it is recommended to use OPC UA
standard file transfer methods.

Functionality
6.5 File system
Figure 6-16 Methods for the file transfer

Functionality
6.5 File system
Procedure and Example

1. CopyFileFromServer:
– Allows copying file from SINUMERIK OPC UA server to client location.
– The user shall provide the name of the file with full path to be copied.
– On completion of the file transfer, an appropriate message will be displayed.
Type Data type Argument Description

Input parameter string SourceFile Name of the file need
to be copied with abso‐
lute path.
Output parameter ByteString Data Raw file data
2. CopyFileToServer:
– Allows copying a client file to a specified SINUMERIK NC memory location.
– The user shall select the file to be transferred and specify the location on server.
Type Data type Argument Description

Input parameter string TargetFilename Target file name with
absolute path
Input parameter ByteString Data Raw file Data
Input parameter Boolean Overwrite Overwrite True: Overwrite the file
if already exists. False:
File will not be overwrit‐
ten.
For example:
The complete path of the files can be provided as below:
● Sinumerik/FileSystem/Part Program/partprg.mpf
● Sinumerik/FileSystem/Sub Program/subprg.spf
● Sinumerik/FileSystem/Work Pieces/wrkprg.wpf
● Sinumerik/FileSystem/NCExtend/Program.mpf
● Sinumerik/FileSystem/ExtendedDrives/USBdrive/Q3.mpf

Functionality
6.6 Select
6.6 Select
6.6.1 Overview
The "Select" method is provided under "Methods > Filehandling" in the address space, which
allows the selecting of a part program from the NC file system. You can call this method and
select the file to be executed by providing the node identifier of the file in address space and the
channel number.
By calling this method, you can only select the program for execution and not start the execution
of the program itself.

Functionality
6.6 Select
6.6.2 Description
You are allowed to select the part program file for execution from the NC file system and
external memory, which includes "local drive", "USB" and "network share". As part of the file
system feature, the NC file system is exposed in the OPC UA address space.
There are two input values to be provided to call the "Select" method.
● Node identifier of the file to be selected for execution.
● Channel number.
Each part program file on the file system is associated with a node identifier in the OPC UA
address space and is provided as the input. Only one part program can be selected for a
channel. An error will be displayed otherwise.
Status code is an output parameter which indicates the error code in case of failures.
6.6.3 Input and output arguments

Signature of the method "Select" is as follows:
Select (
[in] string SourceFileNodeId,
[in] int32 ChannelNumber,
[out] int32 Status Code)
Argument Description
SourceFileNodeId Represents the node identifier of the file with absolute path
(which is selected for execution).
Channel Number A number which represents the channel to be used while pro‐
gram execution.

Functionality
6.6 Select
Prerequisites
● Channel to be used during program execution must be in the state "Reset".
● User with "ApWrite" access right can call "Select" method. If the user does not have the
access "ApWrite" and tries to call "Select" method, it fails and server will return with OpcUa
status "BadUserAccessDenied".
Note
The access right for the user is provided using the "GiveUserAccess" method.
Status Code of the method call

The following table gives details on values and description on the status of the "Select" method
call. As part of output argument, the result code (value) is displayed in the OPC UA client.
Status Code (value) Description

0 Successful
1 Channel does not exist
2 Part Program cannot be found
3 Channel is not in Reset
4 Target rejected requested action.
Note
No file restriction
Notice that a file with any extension is allowed to be selected through OPC UA "Select" method.
OPC UA does not restrict selecting files with any file extension.
Joblists cannot be selected.
OPC UA Status
The following table gives details on values and description of the OPC UA method call status:
Result Description
Succeeded Method is executed with success/failure.
OpcUa_BadInvalidArgument Invalid inputs are provided.
OpcUa_BadUserAccessDenied User does not have permission to invoke the method.

Functionality
6.6 Select
6.6.4 Example call
Procedure
1. Look for the NodeID of the particular part program you want to select (for example
"NC_PROG1.MPF").
2. Navigate in the "File System" node until you reach the particular file.
Figure 6-17 Finding of NodeID
3. Specify the NodeID and the channel number in the call of the method.
Figure 6-18 Arguments of select method
The particular part program will be selected.

Functionality
6.7 Tool management
6.7 Tool management
6.7.1 Description
The OPC UA server supports the creation and deletion of tools and cutting edges. The methods
for this operation can be found under "Sinumerik > Methods > ToolManagement" folder.
Following are the four methods present in "ToolManagement" folder:
● CreateTool
● DeleteTool
● CreateCuttingEdge
● DeleteCuttingEdge
Example calls
For example calls of the provided methods, please refer to the shown screenshots of
OpcFoundation Client.

Functionality
6.7 Tool management
Prerequisites
User with "ToolWrite" access right can call "ToolManagement" methods. If the user does not
have the access "ToolWrite" and tries to call "ToolManagement" methods, it fails and server will
return with OpcUa status "BadUserAccessDenied".
Note
The access right for the user is provided using the "GiveUserAccess" method.
6.7.2 CreateTool
The "CreateTool" method is used to create a new tool with a special T-number in Tool List
section of the SINUMERIK, and appears under the folder “Methods/ToolManagement”. The
CreateTool method does not contain the settings of tool parameters. The tool parameters e.g.:
tool type, cutting edge date etc. are set via data access functions.
The CreateTool method has two input parameters and one output parameter.
Signature:
CreateTool(
[in] string ToolArea
[in] string ToolNumber
[out] Uint32 StatusCode
)

Functionality
6.7 Tool management
The following table will give details about the parameters of the method:
Type Parameters Description

Input Tool Area Input parameter to enter tool area.
Input Tool Number 5 digit number given to the created
tool.
For range of number please refer to
828D or 840D sl documentation re‐
spectively.
Output Status Code A number which gives a feedback if
the method was executed success‐
fully or not.
The method returns a value which indicates whether the creation was successful or not. If the
creation was not successful the return value will give information about the reason of the failure.
Status code
The status code is the result of the requested action which is a number as shown in the table
below:
Status Code Reason

0 OK.
1 Tool area does not exist.
2 Tool number out of range.(Reason wrong param‐
eter)
3 Tool number exists already.
4 Maximum number of tools reached.
Method Result Codes
Result Description
Succeeded Method executed with success/failure reason.
BadInvalidArgument Arguments provided are not correct.
BadUserAccessDenied "ToolWrite" access is not provided.
6.7.3 DeleteTool
The "DeleteTool" method is used to delete an existing tool in Tool List section of the
SINUMERIK, and appears under the folder “Methods/ToolManagement”.
The method deletes the tool with all cutting edges in all data blocks where it is saved.
DeleteTool(

Functionality
6.7 Tool management

)
The following table will give details about the Parameters of the method:

Input Tool Area Input parameter for the end user
to enter tool area.
Input ToolNumber 5 digit number which is to be de‐
leted.
For range of number please refer
to 828D or 840D sl documenta‐
tion respectively.
Output StatusCode A number which gives a feed‐
back if the method was executed
successfully or not.
The method returns a value which indicates whether the delete was successful or not. If the
delete was not successful the return value will give information about the reason of the failure.
Status code
If the deletion of the tool was not successful the return value will give information about the
reason of the failure which are explained in the table below.
StatusCode Description
0 OK.
1 Tool area does not exist.
2 Tool number out of range.(Reason wrong param‐
eter)
3 Tool does not exist.
6 Tool active.(Reason tool in use)
Method Result Codes

The Result return "Succeeded" when the method is correctly executed and the StatusCode
gives the reason of Success/Failure.

Functionality
6.7 Tool management
It returns "BadInvalidArgument", if inputs are not according to OPC UA standards.
Result Description
6.7.4 CreateCuttingEdge
The "CreateCutting Edge" method is used to create a new cutting edge of an existing tool in
“Tool List” section of the SINUMERIK. The next superior free D number will be created.
The ”CreateCuttingEdge” method appears under the folder “Methods/ToolManagement”. This
method does not contain the settings of cutting edge parameters.
The CreateCuttingEdge method has two inputs and two output parameters.
Signature:
CreateCuttingEdge(
[out] Uint32 DNumber
)
The following table will give details about the parameters of the method:

Input Tool Area Input parameter to enter tool
area.
Input Tool Number 5 digit number which is to be de‐
leted.
tion respectively.

Functionality
6.7 Tool management

Output DNumber Cutting Edge Number of the tool.
Output Status Code A number which gives a feed‐
The method returns a value which indicates whether the creation was successful or not. If the
creation was successful the DNumber under which the new cutting edge was created will be
returned. If the creation was not successful the return value will give information about the
reason of the failure.
Status code
The status code is the result of the requested action and is represented by a number, as shown
in the table below:
Status Code Reason

0 OK.
2 Tool number out of range.
4 Maximum cutting edges reached no more cutting
edges.
5 There is no tool for which edge can be created.
(Reason wrong tool area or tool number)
Method Result Codes
Result Description
6.7.5 DeleteCuttingEdge
The "DeleteCuttingEdge" is used to delete a cutting edge of an existing tool in "Tool List"
section of the SINUMERIK. This method appears under the folder "Methods/
ToolManagement".
The DeleteCuttingEdge method has three input and one output parameters.
Signature:
DeleteCuttingEdge(
[in] string CuttingEdgeNumber

Functionality
6.7 Tool management
Following table will give details about the Parameters of the method:

Input Tool Area Input parameter to enter tool
area.
Input Tool Number Tool number of an existing tool
whose cutting edge is to be de‐
leted.
Input Cutting Edge Number 5 digit number which is to be de‐
leted.
tion respectively.
Output Status Code A number which gives a feed‐
The method should return a value which indicates whether the delete was successful or not.
If the delete was not successful the return value should give information about the reason of the
failure.
Status code
The status code is the result of the requested action which is a number as shown in the table
below:
Status Code Reason

0 OK
2 Tool number out of range.
4 Cutting edge does not exist.
5 There is no tool for which edge can be deleted
(Reason wrong tool area or tool number)
6 Tool active. (Reason tool in use)
7 The first cutting edge cannot be deleted.

Functionality
6.7 Tool management
Method Result Codes
Result Description

Diagnostics 7
7.1 Overview
Overview
The OPC UA server offers a variety of diagnostics information, as described in the OPC UA
Standard Part 5 - "Information Model", Chapter 6.
This diagnostics information can be found under the Server Node:
Figure 7-1 Diagnostics Information - Server Node

Diagnostics
7.2 Diagnostics screen
Requirement
Note
To show the correct status of OPC UA server you must have at least one type of message
encryption (128 bit or 256 bit) enabled.
Diagnostics screen
Additional to the server diagnostic information available via OPC UA, there is a SINUMERIK
Operate screen, which shows the actual status of the OPC UA server.
To open the diagnostics screen, select the operating area "Startup > Network" in
SINUMERIK Operate, then press the "OPC UA" softkey. The OPC UA status screen is the first
screen to be displayed.
Figure 7-2 Diagnostics

Diagnostics
Value Description Further explanation

Server IPs Server IPs and ports of the company network,
systems network or service network where the
OPC UA server is accessible
Server status Possible status of the server: There are too many sessions used
● Ok (server up and running) by other clients. External clients are
allowed to create 5 sessions with
● Not activated (OPC UA server deactivated) 828D and 10 sessions with 840D sl.
● No connection can be set up (error within The session limitation is 6 and 11,
the OPC UA server) respectively, to have one more ses‐
● No more sessions possible. All sessions are sion for the status client.
in use by other clients. The status screen
cannot create a session.
Connected cli‐ Clients which are connected to the server
ents Example:
● MD1EXMQC: remote PC of the client
● SiemensAG:OpcUaTestsApp: URN of the
application of the remote PC
● 10788… Session ID
● OpcUaTestConsole: Session Name
Subscription Utilized capacity of the OPC UA server regard‐
load ing possible subscriptions (see chapter Techni‐
cal data (Page 133)), not the overall load.

Diagnostics
7.3 OPC UA server version
OPC UA server version

OPC UA server version and OPC UA dialog version information can be found in SINUMERIK
OPERATE version screen.
1. Open SINUMERIK OPERATE and choose operating area "Diagnostics". Press the softkey
"Version".
2. Select “System extensions" and press softkey "Details".
Figure 7-3 Version data

Diagnostics
Figure 7-4 Version data / system extensions
The OPC UA entry is found.

3. Select the entry and press "Details" again to show more detailed information on OPC UA
components.

Diagnostics

Update of OPC UA server 8
8.1 Overview
Compatibility
This version of OPC UA server is supported by SINUMERIK 840D sl and SINUMERIK 828D.
An update process is possible with the following SINUMERIK software versions:
● Software line 4.5: with versions ≥ V4.5 SP4.
SINUMERIK Create MyConfig (CMC)

The necessary update (CMC) file can be provided by your regional SIEMENS office.

Update of OPC UA server
8.2 Compatibility
8.2 Compatibility
Compatibility
Below are the compatibility issues of OPC UA:
● Password
The Password length has changed to min. 8 characters.
● User rights
– The behavior in setting “SinuReadAll” and “SinuWriteAll” is different from previous
versions.
– Different from previous version is that removing the right “SinuReadAll” will remove all
read rights. In previous versions additionally added read rights have not been deleted
with removing “SinuReadAll”.
Same applies to “SinuWriteAll”.
Note
If you face any other compatibility issues or for further details, refer to hotline (https://
support.industry.siemens.com/cs/sc/2090/).

8.3 Installation of OPC UA server
Requirements
The installation procedure of the OPC UA server varies depending whether a PCU or a PPU/
NCU is being used. The following operating systems are required:
● PCU Base and SINUMERIK Operate on Windows 7 / Windows 10 systems
● SINUMERIK Operate on NCU840D (embedded).
Below are the instructions for both options:
See also
Update of OPC UA server (Page 137)
8.3.1 Installation/Upgrade on a PCU/IPC

1. Load OPC UA software (OpcUaDeployWindows_XXX.XXX.exe) on USB stick.
2. Start PCU in the service mode.
3. Insert USB stick in USB port of operator panel.
4. Start Windows Explorer.
5. Navigate to .exe file and execute it.
6. Follow the installation instructions.
7. After successful installation, restart the PCU.
Note
If OPC UA was active before the installation, users and access rights are being preserved.
8.3.2 Installation/Upgrade a PPU/NCU
Note
Different installation procedure for 828D / V4.5
Please not that the server update procedure for 828D with CNC software version V4.5 varies
from the standard process below (see chapterUpdate of OPC UA server (Page 137)).
1. Load OPC UA software (OpcUaDeployLinux_XXX.XXX.usz) on USB stick.

2. Insert USB stick in USB port of NCU/PPU.
3. Switch off NCU/PPU and switch it on again.

4. Follow the installation instructions.

5. After successful installation, restart the NCU/PPU.
Note
If OPC UA was active before the installation, users and access rights are being preserved.

Technical data 9
Technical data
Description Value
Number of sessions 1)
828D 5
840 D sl 10
Number of subscriptions 2)
828D 5
840D sl 10
Maximum samples / second 828D 500 1/s
840D sl 1000 1/s
Min. sampling interval 100 ms
Sampling intervals {100, 250, 500, 1000, 2500, 5000} ms
Min. publishing interval 100 ms
Publishing intervals {100, 250, 500, 1000, 2500, 5000} ms
Max. number of users 20
Max. lifetime interval (LifeTime Count) 3600000 s
Session timeout 60 s
Max. monitored items queue size (Subscription 10000
Queue size)
1) Session = Connection of a client to a server

2) Subscription = In an existing session a subscription is a functionality for monitoring data items.
Calculating maximum subscription load

The maximum number of monitored items (Page 87) depends on the update time of the
subscriptions. Therefore the max. number of monitored items can be calculated as down below.
The maximum subscription load is calculated from the load imposed to the system by the
sample rate of all monitored items from all subscriptions of all active sessions.
Max number of monitored items = Systemload / Updates per second
Updates per second = 1 / Sampling rate (in seconds)
Systemload SINUMERIK 840D sl = 1000 items/s
Systemload SINUMERIK 828D = 500 items/s

Technical data

Exceptions: 828D / V4.5 10
The following chapter describes the exceptions regarding 828D control with CNC software
version V4.5.

Exceptions: 828D / V4.5
10.1 Starting of configuration dialog
10.1 Starting of configuration dialog

Because of certain prerequisites of OPERATE V4.5 and 828D, it was not possible to implement
the startup of the OPC UA configuration dialog the same way as in OPC UA standard software
releases. Therefore you reach the OPC UA configuration dialog via a different way:
Executing the OPC UA configuration dialog

1. Press “menu select”. The operating area will appear.
Figure 10-1 Operating area
2. Press the softkey ">". The second operating area will appear.
Figure 10-2 Operating area
3. Press the softkey "OPC UA". The settings dialog will appear.
Note
The operating of the settings dialog is explained in chapter Commissioning (Page 21).

10.2 Update of OPC UA server

The update procedure for 828D with CNC software version V4.5 varies from the standard
update procedure described in chapter Installation of OPC UA server (Page 131).
Prerequisite
A .tgz file (e. g.: hmi_sl_opcua_02.02.00.00.007.tgz) is provided on an USB stick.
Installation of OPC UA server

1. Power on the control.
2. Go to "Startup menu" (press "Select" button when a message appears on the screen).
Figure 10-3 Startup menu
3. Press key "^", then 2nd horizontal softkey, then 2nd vertical softkey to get to extended
"startup menu".
Figure 10-4 Extended startup menu
4. Plug in the USB drive with the provided .tgz file at the front of the 828D control.

5. Select "Install software update/backup".
Figure 10-5 Install software update/backup
6. Confirm the popup message with "Yes".
Figure 10-6 Confirmation message
7. Select the package to install.

The OPC UA dialogs will become available after power off/on.

Trouble shooting 11
11.1 Frequently asked questions (FAQs)
Topic Question Possible solution

Setting dialog is not dis‐ The OPC UA setting dialog will not be dis‐ Possibly the SINUMERIK operating area
played correctly played correctly after installation or not to that "Setting" has already been extended by OEM
extent as described in documentation. What dialogs (function: slsudialog_oem xml). This
can I do? may cause incorrect functioning of the OPC
UA setting dialog in software versions < 4.8
SP2.
● Please contact your regional SIEMENS
office or the technical support (https://
support.industry.siemens.com/cs/sc/
2090/).
OPC UA client has no con‐ In spite of correct commissioning my OPC UA If no connection is possible, though you have
nection client cannot connect. What can I do? operated the commissioning of the OPC UA
server thoroughly, it is recommended to re‐
store factory settings of the OPC UA server.
Proceed as follows:
● Deactivate OPC UA in the setting dialog
● Switch off PCU/NCU/PPU and on again
● Activate OPC UA again in the setting
dialog
● Switch off PCU/NCU/PPU and on again
The server cannot be found by the client. ● Check whether the IP address of the
What can I do? networking dialog is compatible to those
of the OPC UA dialog.
● If the IP addresses are not compatible,
press "Change" in the OPC UA setting
dialog. The new addresses will be directly
transferred into the setting dialog.
● Confirm with "Ok" and restart the
SINUMERIK.
The connection the server should function
properly now.
The OPC UA server status shows OK but the ● Reboot the control in order to activate all
client is not able to connect. What can I do? necessary firewall settings (e.g.: port
number changed).
OPC UA client cannot con‐ ● Certificate user is created Please check date and time of the target sys‐
nect as certificate user tem. In case the target system time is not
● Certificate for certificate user is trusted
within the period of validity (valid from – valid
● OPC UA client cannot connect as to) of the client certificate, the connection gets
certificate user refused (BadIdentityTokenRejected).

Trouble shooting
File Sysytem

File System How to use "CreateDirectory" method? The OPC UA server can create a folder with any extension or
with no extensions in the USB drive, network share, and local
drive. However in the NC drive, we can create an extension
with "DIR" only.
How to use "CreateFile" method? The "CreateFile" method is used to create a new file. The
created file can be written using the "Write" method of the
FileType. The OPC UA server can create file without exten‐
sion in the USB drive, network share, and local drive but not in
the NC memory.
How to use "Delete" method? ● The "Delete" method is used to delete a file/directory. The
OPC UA server will not allow to delete the file if the file is
opened for the file operation. You must close the file
handle to delete the file. In case of directory, all the file and
directory objects below the directory to delete are deleted
recursively.
● A file which is selected for execution or a folder which
contains the selected file are not allowed to be moved.
However if the file is moved there is a possibility that an
empty file will be created.
How to use "MoveOrCopy " method? ● The "MoveOrCopy" method is used to move or copy a file/
directory to another directory or to rename a file/directory.
● The OPC UA server can move any file or folder without
extension in the USB drive, network share, and local drive
but not in the NC memory. In the NC memory, a folder with
the extension "DIR" can only be allowed to be moved to
the NC memory.
● The OPC UA server will not allow to move the folder if the
file is opened for the file operation.
● A file which is selected for execution or a folder which
contains the selected file, are not allowed to be moved.
However if the file is moved there is a possibility that an
empty file will be created.
How to use "Open " method? When a client opens a file, it gets a file handle that is valid
while the session is open. Clients shall use the "Close" meth‐
od to release the handle when they do not need access to the
file anymore. Clients can open the same file several times for
read.
How to use "Read " method? The "Read" method is used to read a part of the file starting
from the current file position. The file position is advanced by
the number of bytes read. The data contains the returned data

Trouble shooting

of the file. If the ByteString is empty, it indicates that the end of
the file is reached.
How to use "Write " method? The "Write" method is used to write a part of the file, starting
from the current file position. The file position is advanced by
the number of bytes written. When the client session is closed,
all the open file handled will be closed for the respective ses‐
sion. In this scenario, if there is any existing file opened with
write mode or append mode, the current data will be lost.
How to use "Close " method? The "Close" method is used to close a file represented by a
FileType. When a client closes a file, the handle becomes
invalid.
How to use "GetPostion " method? The "GetPosition" method is used to provide the current posi‐
tion of the file handle. If a "Read" or "Write" method is called,
it starts at that position.
How to use "SetPosition " method? The "SetPosition" method is used to set the current position of
the file handle. If a "Read" or "Write" method is called, it starts
at that position. If the position is higher than the file size, the
position is set to the end of the file.
Does OPC UA standard file system support No, only the default machine name is mapped (target system
1:N constellation? PCU only).

Trouble shooting
11.2 Reference to OPC UA error code
11.2 Reference to OPC UA error code

You can find all relevant information on error codes at Github (https://github.com/
OPCFoundation/UA-Nodeset/blob/master/DotNet/Opc.Ua.StatusCodes.cs).
Technical Support
Country-specific telephone numbers for technical support are provided in the Internet at the
following address (https://support.industry.siemens.com/cs/sc/2090/) in the "Contact" area.

Index
Importing, 57, 58
Modeling with SiOME, 45
A process, 43
workflow, 43
Accessibility, 11
Customer Specific Object Model, 41
AddCertificateUser, 70
Address space, 76
GUD, 76
machine data, 76
D
PLC blocks, 76 Data types, 80
setting data, 76 Delete
AddUser, 70 method, 105
Alarms DeleteCuttingEdge, 120
CnCAlarmType, 92 Method Result Codes, 120
Event types, 91 Parameters, 120
sequence, 90 Status code, 120
subscribe, 89 DeleteTool, 117
unsubscribe, 90 Method Result Codes, 117
Application scenario, 11 Parameters, 117
Status code, 117
DeleteUser, 70
B DeleteUserAccess, 71
Deleting
Browsing, 76
rejected certificates, 34
trusted certificates, 32
development kit, 9
C
ChangeMyPassword, 70
Checking the time, 21 E
Client, 9
Encryption, 10
Close
Exporting
method, 106
server certificates, 30
CopyFileFromServer
method, 110
CopyFileToServer
method, 110
F
Create tool, 116 File access rights, 103
Method Result Codes, 116 Functionalities, 10
Parameters, 116
Status code, 116
CreateCutting Edge, 119 G
Method Result Codes, 119
GetMyAccessRights, 71
Parameters, 119
GetPosition
Status code, 119
method, 106
CreateDirectory
GetUserAccessRights, 71
method, 105
GetUserList, 70
CreateFile
GiveUserAccess, 73
method, 105
CSOM, 41
Exporting, 43

Index
Open
method, 106
I OpenCount
method, 106
Importing
trusted certificates, 32
Industry 4.0, 9
P
PCU / IPC, 11
L Publish interval, 87
Publishing intervals, 133
Language identifier, 97
License, 20
LocalizedText, 96
R
Read
M method, 106
Rejected certificates
Max. lifetime interval (LifeTime Count), 133
deleting, 34
Max. monitored items queue size (Subscription
trusting, 34
Queue size), 133
Renewing
Max. number of users, 133
Server certificates, 29
Maximum samples / second, 133
Method
Close, 106
CopyFileFromServer, 110
S
CopyFileToServer, 110 Sampling interval, 87
CreateDirectory, 105 Sampling intervals, 133
CreateFile, 105 Security settings, 10
Delete, 105 Select
GetPosition, 106 Status code, 113
MoveOrCopy, 105 Server certificates
OpenCount, 106 exporting, 30
Read, 106 renewing, 29
SetPosition, 106 Session timeout, 133
Size, 106 SetPosition
UserWritable, 106 method, 106
Writable, 106 SINUMERIK
Write, 106 supported languages, 97
Min. publishing interval, 133 SINUMERIK 828D, 11
Min. sampling interval, 133 SINUMERIK 840D sl, 11
Monitored items, 87 SINUMERIK Access MyMachine/ P2P, 43
MoveOrCopy SINUMERIK OPC UA server, 9
method, 105 SINUMERIK systems, 11
SiOME, 41
download, 41
N Size
method, 106
Number of sessions, 133
Supported Languages
Number of subscriptions, 133
SINUMERIK, 97
O
OPC UA standard, 9

Index
T
Thin Client, 11
Trusted certificates
deleting, 32
importing, 32
Trusting
rejected certificates, 34
U
UaExpert client, 99
User administration, 10
UserWritable
method, 106
V
Variable paths, 78
W
Writable
method, 106
Write
method, 106

Index


840Dsl 828D OPCUA Config Man 0819 en-US

Uploaded by

Copyright:

Available Formats

840Dsl 828D OPCUA Config Man 0819 en-US

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

840Dsl 828D OPCUA Config Man 0819 en-US

Uploaded by

Copyright:

Available Formats

Preface

Update of OPC UA server 8

Exceptions: 828D / V4.5 10

OPC UA server Version 3.0 SP1

Siemens AG Document order number: 6FC5397-1DP41-0BA3 Copyright © Siemens AG 2017 - 2019.

SINUMERIK Access MyMachine / OPC UA

Note regarding the General Data Protection Regulation

SINUMERIK Access MyMachine / OPC UA

SINUMERIK Access MyMachine / OPC UA

4.3.3.6 Modeling rules........................................................................................................................55

SINUMERIK Access MyMachine / OPC UA

6.5.3.3 Comfort methods for file transfer < 16 MB ...........................................................................108

SINUMERIK Access MyMachine / OPC UA

SINUMERIK Access MyMachine / OPC UA

Uniform standard for data exchange

1.1.1 SINUMERIK OPC UA server

SINUMERIK Access MyMachine / OPC UA

SINUMERIK Access MyMachine / OPC UA

1.3 System setup

Accessibility of the server

6,180(5,.'VO 6,180(5,.'VO 6,180(5,.'VO 6,180(5,.'

Figure 1-1 Application scenario

SINUMERIK Access MyMachine / OPC UA

1.4 Compatibility of OPC UA server version and CNC software versions

CNC software version OPC UA version

SINUMERIK Access MyMachine / OPC UA

1.5 Reference to OPC UA specification

SINUMERIK Access MyMachine / OPC UA

SINUMERIK Access MyMachine / OPC UA

2.1.1 General safety instructions

2.1.2 Warranty and liability for application examples

SINUMERIK Access MyMachine / OPC UA

2.1.3 Industrial security

Further information is provided on the Internet:

SINUMERIK Access MyMachine / OPC UA

SINUMERIK Access MyMachine / OPC UA

2.2 OPC UA security notes

SINUMERIK Access MyMachine / OPC UA

SINUMERIK Access MyMachine / OPC UA

3.2 Option OPC UA

Setting the option

Figure 3-1 Setting the option

SINUMERIK Access MyMachine / OPC UA

Checking the HMI time

Executing the OPC UA configuration dialog

2. Press the "OPC UA" softkey.

SINUMERIK Access MyMachine / OPC UA

Figure 3-2 Settings of OPC UA server (with changes)

Group Setting Description

SINUMERIK Access MyMachine / OPC UA

Group Setting Description

SINUMERIK Access MyMachine / OPC UA

SINUMERIK Access MyMachine / OPC UA

Figure 3-3 Security message for opening the TCP port

SINUMERIK Access MyMachine / OPC UA

3.4 Certificate handling

Figure 3-4 Softkey Certificates

SINUMERIK Access MyMachine / OPC UA

SINUMERIK Access MyMachine / OPC UA

6,180(5,.'VO 6,180(5,.'VO 6,180(5,.'VO 6,180(5,.'