we are in the process of commissioning information links between plcs and a dcs system. there are 12 plcs of different makes (ge fanuc, allen bradley, schnider and saia). opc server is intalled in each of the plcs and opc client is configured in dcs. dcs ip are class B private (172.16/17.xx.xxx) with a dual homed pcs with additional NICs for opc interface (172.18/19.xx.xxx)

to maintain connectivity with dcs, i am forced to change the ip addresses of plcs system noded to 172.18/19.xx.xxx, as they do not have an additional NIC. As a requirement of opc connectivity, the login (username and password) has to be the same at both dcs end and plc end. with this each plc connected to dcs is becoming an authenticated user to every other plc. all the resources shared between the pcs in a given plc are also beocme accessible to other plcs. is there any way i can maintain each plc in its own island / domain?

i also need help regarding what is the safe method of connecting plcs to dcs. do i have to install a 3rd NIC in each of the plcs nodes running opc server?

 

OPC server in the PLC? Are you sure? Usually the OPC server runs on a PC, not in the PLC. The PC communicates with the PLC using whatever protocol, and coverts it to OPC. Your DCS software then reads from the PC with the OPC servers. There will be no authentication in the PLC or DCS hardware, only the server and client computers.

Having OPC servers and OPC clients in different domains communicating DCOM is a problem (it can be done though with domain trust relationships etc.). Matrikon and Iconics make "tunneller" software that wraps the OPC package in HTTP, pass to the next domain, including through firewalls and even Internet, and then back to DCOM in the other end. However, it will be slower.

I suggest you keep clients and server machines all on the same domain. The PLC and DCS hardware is not directly involved. Most PLCs I have heard of will allow you to use the same network for the communication with the PLC as for OPC so no additional NIC required. DCS can be somewhat more proprietary and may not allow third party PLC or computers on their control network thus requiring additional NIC. Most DCS software are not native OPC so they require mirror/bridge/application station computer to interface OPC.

For all flavours of OPC and other automation software technologies take a look at the book "Software for Automation: Architecture, Integration, and Security". Preview, see contents, and buy online: www.isa.org/autosoftware

Jonas Berge SMAR
===========
[email protected]
www.smar.com
Learn fieldbus and Ethernet at your own pace: www.isa.org/fieldbuses
Learn OPC and automation software at your own pace: www.isa.org/autosoftware