Siemens

Industry
Online
Support

APPLICATION EXAMPLE

S7 communication
between S7 CPU and
PC station
S7 variable services with SIMATIC NET OPC UA server
 Table

Legal information
Use of application examples
Application examples illustrate the solution of automation tasks through an interaction of several components in the
form of text, graphics and/or software modules. The application examples are a free service by Siemens AG and/or a
subsidiary of Siemens AG (“Siemens”). They are non-binding and make no claim to completeness or functionality
regarding configuration and equipment. The application examples merely offer help with typical tasks; they do not
constitute customer-specific solutions. You yourself are responsible for the proper and safe operation of the products in
accordance with applicable regulations and must also check the function of the respective application example and
customize it for your system.
Siemens grants you the non-exclusive, non-sublicensable and non-transferable right to have the application examples
used by technically trained personnel. Any change to the application examples is your responsibility. Sharing the
application examples with third parties or copying the application examples or excerpts thereof is permitted only in
combination with your own products. The application examples are not required to undergo the customary tests and
quality inspections of a chargeable product; they may have functional and performance defects as well as errors. It is
your responsibility to use them in such a manner that any malfunctions that may occur do not result in property damage
or injury to persons.

Disclaimer of liability
Siemens shall not assume any liability, for any legal reason whatsoever, including, without limitation, liability for the
usability, availability, completeness and freedom from defects of the application examples as well as for related
information, configuration and performance data and any damage caused thereby. This shall not apply in cases of
mandatory liability, for example under the German Product Liability Act, or in cases of intent, gross negligence, or
culpable loss of life, bodily injury or damage to health, non-compliance with a guarantee, fraudulent non-disclosure of a
defect, or culpable breach of material contractual obligations. Claims for damages arising from a breach of material
contractual obligations shall however be limited to the foreseeable damage typical of the type of agreement, unless
liability arises from intent or gross negligence or is based on loss of life, bodily injury or damage to health. The foregoing
provisions do not imply any change in the burden of proof to your detriment. You shall indemnify Siemens against
existing or future claims of third parties in this connection except where Siemens is mandatorily liable.
By using the application examples you acknowledge that Siemens cannot be held liable for any damage beyond the
liability provisions described.

Other information
Siemens reserves the right to make changes to the application examples at any time without notice. In case of
discrepancies between the suggestions in the application examples and other Siemens publications such as catalogs, the
content of the other documentation shall have precedence.
The Siemens terms of use (https://support.industry.siemens.com) shall also apply.

Security information
Siemens provides products and solutions with industrial security functions that support the secure operation of plants,
systems, machines and networks.
In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and
continuously maintain – a holistic, state-of-the-art industrial security concept. Siemens’ products and solutions constitute
one element of such a concept.
Customers are responsible for preventing unauthorized access to their plants, systems, machines and networks. Such
systems, machines and components should only be connected to an enterprise network or the internet if and to the
extent such a connection is necessary and only when appropriate security measures (e.g. firewalls and/or network
segmentation) are in place.
For additional information on industrial security measures that may be implemented, please visit
https://www.siemens.com/industrialsecurity.
Siemens’ products and solutions undergo continuous development to make them more secure. Siemens strongly
recommends that product updates are applied as soon as they are available and that the latest product versions are used.
Use of product versions that are no longer supported, and failure to apply the latest updates may increase customer’s
exposure to cyber threats.
To stay informed about product updates, subscribe to the Siemens Industrial Security RSS Feed under
https://www.siemens.com/cert.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 2

 Table

Table
1. Introduction ............................................................................................................... 5

1.1. Overview ................................................................................................................................ 5

1.2. Plant configuration .................................................................................................................. 6
1.3. Principle of operation .............................................................................................................. 8
1.3.1. S7 tag services ........................................................................................................................ 8
1.4. Components used ................................................................................................................. 11

2. Engineering.............................................................................................................. 12

2.1. Hardware configuration......................................................................................................... 12

2.2. Setting IP addresses and subnet mask .................................................................................... 13
2.2.1. IP address and subnet mask of the PC station.......................................................................... 13
2.2.2. IP address and subnet mask of the S7 CPU .............................................................................. 14
2.3. "Communication settings"...................................................................................................... 16
2.3.1. Activating protocols for the OPC server................................................................................... 16
2.3.2. Setting parameters for the protocols ...................................................................................... 17
2.3.3. OPC UA certificates ................................................................................................................ 18
2.3.4. Certificate management with Global Discovery Server............................................................. 19
2.4. Overview .............................................................................................................................. 22
2.5. Configuration........................................................................................................................ 23
2.5.1. Creating an S7 CPU in the TIA Portal ....................................................................................... 23
2.5.2. Creating a PC station in the TIA Portal ..................................................................................... 26
2.5.3. Configuring a connection ...................................................................................................... 29
2.5.4. Creating S7 tags .................................................................................................................... 35
2.5.5. Making S7 symbols known to the OPC server .......................................................................... 42
2.5.6. Allow access via PUT/GET communication by remote partner................................................... 44
2.5.7. Configuring the "Station Configuration Editor" ........................................................................ 45
2.6. Loading configuration data .................................................................................................... 53
2.6.1. Downloading configuration data of the S7 CPU....................................................................... 53
2.6.2. Loading configuration data of the PC station .......................................................................... 57

3. Operation ................................................................................................................. 63

3.1. Connecting to the OPC UA server ........................................................................................... 63

3.1.1. UA Expert ............................................................................................................................. 63
3.1.2. OPC Scout ............................................................................................................................. 70

4. Additional Information ............................................................................................. 85

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 3

 Table
4.1. SIMATIC NET OPC server ........................................................................................................ 85
4.1.1. S7 OPC UA server .................................................................................................................. 85
4.1.2. S7OPT OPC UA server ............................................................................................................ 86
4.1.3. SR OPC UA server .................................................................................................................. 87
4.1.4. DP OPC UA server .................................................................................................................. 88
4.2. Configuring and configuring a PC station................................................................................ 89
4.3. "Station Configuration Editor" ................................................................................................ 90
4.3.1. Overview .............................................................................................................................. 91
4.3.2. Area of application / applications............................................................................................ 92
4.3.3. "Components" tab ................................................................................................................. 93
4.4. Data blocks ........................................................................................................................... 97
4.4.1. Data blocks with optimized access ......................................................................................... 97
4.4.2. Data blocks with standard access ........................................................................................... 97
4.5. Types .................................................................................................................................... 98
4.5.1. Optimized S7 connections ..................................................................................................... 98
4.5.2. Standard S7 interconnections ................................................................................................ 98
4.6. Syntax for accessing absolute addresses ................................................................................. 99
4.7. OPC UA protocols ................................................................................................................ 100
4.7.1. XML Web services................................................................................................................ 100
4.7.2. Pure (native) binary TCP protocol ......................................................................................... 100
4.8. Structure of the namespace for OPC UA................................................................................ 101
4.9. Browsing the OPC UA namespace......................................................................................... 102
4.9.1. "Browse" ............................................................................................................................. 102
4.9.2. "Read" ................................................................................................................................. 102
4.10. Reading and writing attribute values from nodes .................................................................. 102
4.10.1. "Read" ................................................................................................................................. 102
4.10.2. "Write" ................................................................................................................................ 102

5. Appendix................................................................................................................ 103

5.1. Service and support ............................................................................................................. 103

5.2. Links and literature.............................................................................................................. 104
5.3. Change documentation ....................................................................................................... 104

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 4

 Introduction

1. Introduction
1.1. Overview
Communication functions of the SIMATIC NET OPC server for OPC UA
The OPC server provides standardized access to the industrial communication networks of SIMATIC NET.
The SIMATIC NET OPC server supports the connection of applications to any automation components that are networked
via PROFIBUS or Industrial Ethernet. The SIMATIC NET OPC server for OPC UA offers the following communication
functions:
• S7 communication
- S7 OPC UA server (see Chapter 4.1.1)
- S7OPT OPC UA server (see Section (4.1.2)
• Open communication services (SEND/RECEIVE)
- SR OPC UA server (see Chapter 4.1.3)

• PROFIBUS DP
- DP OPC UA server (see Section 4.1.4)

Services of the communication functions

The communication functions of the SIMATIC NET OPC server for OPC UA support the following services, for example:

• Tag services
• Block services
• Block services
• Server services

Tag services
This application example shows how to use the tag service to exchange data between the PC station and S7 CPU. This
service is supported by the following communication functions:

• S7 communication
• Open communication services (SEND/RECEIVE)
• The following components are used in this application example:
• SIMATIC NET OPC UA server on the PC station
- S7OPT OPC UA server
- S7 OPC UA server

• S7-1200 CPUs, S7-1500 CPUs, S7-300 CPUs and S7-400 CPUs

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 5

 Introduction

1.2. Plant configuration

The following figure shows typical plant configurations for Industrial Ethernet and PROFIBUS in which data
communication between the S7 CPU and PC station is implemented using S7 variable services via optimized S7
connections or standard S7 connections.

Industrial Ethernet
Figure 1-1

PC-Station

Industrial Ethernet

S7-300 CPU /CP S7-1200 CPU

S7-1500
CPU /CP /CM

S7-400 CPU /CP

Unrestricted

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 6

 Introduction
PROFIBUS
Figure 1-2

PC-Station

PROFIBUS

CM 1243-5
S7-300 CPU /CP
S7-1500
CPU /CP /CM

S7-400 CPU /CP

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 7

 Introduction

1.3. Principle of operation

1.3.1. S7 tag services
S7OPT OPC UA server
The S7 tag services of the S7OPT OPC UA server enable access and monitoring of S7 tags via standard access and access to
optimized data blocks.
With standard access, the S7OPT OPC UA server supports the following objects:
• Data blocks (standard access)
• Instance data blocks and multi-instance data blocks (standard access)
• Inputs
• Outputs
• Timer (S7-1500 only)
• Counter (S7-1500 only)
• UDTs (User Data Types)

Not every S7 automation system supports all object types.

Note

NOTE Starting with STEP 7 V17 and SIMATIC NET PC Software V17, UDTs can be addressed as a node ID.

With access to optimized data blocks, the S7OPT OPC UA-Server supports the following objects:
• Data blocks (access to optimized data blocks)
• Instance data blocks (access to optimized instance data blocks)

S7 communication with access to optimized data blocks via OPC UA is supported by the S7-1200 CPUs
Note
(V4 onward) and the S7-1500 CPUs.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 8

 Introduction
S7 OPC UA server
The S7 OPC UA server supports the following objects:

• Data blocks
• Instance data blocks
• Inputs
• Outputs
• I/O inputs
• I/O outputs
• Flags
• Timer
• Counter

Not every S7 automation system supports all object types.

Note

The following figure shows an overview of the application example.

Figure 1-3

PC station
OPC-Client
Data

SIMATIC NET OPC-UA-Server:

• S7OPT UA-Server
• S7 UA-Server

S7-Connection

S7-CPU

S7 tags

The application example provides an introduction to using the S7-Tag service with S7OPT OPC UA
Note
server and S7 OPC UA server from SIMATIC NET. Details are described in the SIMATIC NET manuals
(see \3\, \4\ and \5\).

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 9

 Introduction
Figure 1-4

PG / PC S7 CPU

OPC client

Data 3 S7 tag
1

User program
Access to NodeId Operating system

S7OPT OPC UA server /

S7 OPC UA server
Nodes
2

Attributes
NodeId

S7 connection

OPC UA accesses objects and their subobjects. Data tags are, for example, subobjects of an S7 connection object.
The following S7 connection objects are available:

• Productive S7 connections
They are used for data exchange between the S7 CPU and PC station and are generally configured via STEP 7.
• DEMO connection
It is used exclusively for testing.
• @LOCALSERVER connection
It provides the local S7 data blocks for the S7 server functionality.
Unrestricted
Attributes define the objects in more detail. Each individual access to an object, subobject and attribute takes place via its
NodeId.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 10

 Introduction
With the S7 tag service, it is possible for the OPC client to read, monitor or write attribute values.
1. The OPC client accesses attributes via the NodeId to access the S7 tags in the S7-CPU with the following jobs.
- Read
- To write
2. Nodes are defined in the namespace of the S7OPT OPC UA server or S7 OPC UA server to organize the objects and
subobjects. The OPC client accesses the S7 tags in the S7 CPU via the nodes. The S7OPT OPC UA server or S7 OPC UA
server manages the jobs of the OPC-Client.
3. Step 7 (TIA Portal) contains a data block or a tag table with symbolic S7 tags. For S7-1500 CPUs and S7-1200 CPUs are
activated by default for the "Optimized block access" option for the data block.

1.4. Components used

This application example was created with these hardware and software components:
Table 1-1 Components used
Component
CPU 1513-1 PN
CPU 315-2 PN/DP
SIMATIC NET PC Software V19
STEP 7 Professional V19
UA Expert OPC UA client
Number Article Note
1 6ES7513-1AM03-0AB0 Alternatively, you can use any
1 6ES7315-2EH14-0AB0 S7-1500 CPU, S7-1200 CPU, S7-300
CPU, S7-Use 400 CPU, ET 200SP
CPU, ET 200S CPU or ET 200pro
CPU.
1 6GK1704-1LW23-0AA0 You will find the article numbers of
the SIMATIC NET products in the
sales and delivery release (see
entry 109826990).
1 Package:
6ES7810-5CC15-0YB5
Download:
6ES7810-5CE15-0YB5
1 Unified Automation OPC UA client,
can be downloaded from
https://www.unified-
automation.com/downloads/opc-
ua-clients.html

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 11

 Engineering

2. Engineering
2.1. Hardware configuration
The following figure shows the structure of the application example.
Figure 2-1 Hardware configuration

CPU 1513-1 PN SIMATIC Field PG

IP address: 192.168.178.35
Subnet mask: 255.255.255.0
IP address: 192.168.178.34
Subnet mask: 255.255.255.0

Industrial Ethernet

The SIMATIC Field PG is used as a PC station, i.e. the SIMATIC NET PC-Software is installed on the SIMATIC Field PG. The
following SIMATIC NET OPC UA servers are used to access the S7 variables of the S7 CPU from the PC station:

• S7 OPT OPC UA server

Unrestricted

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 12

 Engineering

2.2. Setting IP addresses and subnet mask

2.2.1. IP address and subnet mask of the PC station
In Windows, set the IP address and subnet mask of the PC station in the properties of the network adapter via which the
PC station is connected to the S7 CPU.
1. Open the "Network and Sharing Center" under "Network and Internet" in the "Control Panel".
2. Select the "Change adapter settings" function.
3. Right-click on the corresponding network adapter and select the "Properties" shortcut menu.
The properties dialog of the network adapter opens.
4. Select the item "Internet Protocol Version 4 (TCP/IPv4)" and click the "Properties" button.
The properties dialog of the "Internet Protocol Version 4 (TCP/IPv4)" element opens.
5. Set the following IP address and subnet mask and accept the settings with "OK".
- IP address: 192.168.178.34
- Subnet mask: 255.255.255.0

Later on you configure the set IP address and subnet mask in the hardware configuration of STEP 7.
Note

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 13

 Engineering

2.2.2. IP address and subnet mask of the S7 CPU

Open the "Online &diagnostics" dialog
1. Under "Online access" in the project tree, click on the arrow to the left of the network adapter to which your S7-CPU is
connected.
2. Double-click the "Update accessible devices" command.
All devices available on the network adapter are displayed.
3. Click the arrow to the left of the S7 CPU to which you want to assign the IP address and subnet mask.
4. Double-click the "Online &diagnostics" command.
The "Online &diagnostics" dialog opens.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 14

 Engineering
Assigning an IP address and subnet mask
1. Set the S7 CPU to "STOP".
2. Under "Functions", click on the entry "Assign IP addresses".
3. Enter the following IP address and subnet mask.
- IP address: 192.168.178.35
- Subnet mask: 255.255.255.0
4. Click the "Assign IP address" button to transfer the parameters.

Note
• You enter the set IP address and subnet mask later in the configuration.
• With the S7-1500 CPUs, you can also set the IP address and subnet mask on the display.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 15

 Engineering

2.3. "Communication settings"

Call the "Communication Settings" program via the Windows Start menu "Siemens Automation > Communication
Settings".
The "Communication Settings" program offers a wide range of options for configuring and diagnosing the PC hardware
components as well as the PC user programs and the SIMATIC NET OPC-Server.

2.3.1. Activating protocols for the OPC server

The SIMATIC NET OPC server supports various protocols to the control level. All protocols are activated in the initial
configuration.
You have the option of deactivating the protocols that you do not want to use.
1. In the navigation area, navigate to "SIMATIC NET configuration > OPC settings > OPC protocol selection" ("SIMATIC NET
configuration > OPC settings > OPC protocol selection").
2. Activate the following protocols for OPC UA:
- "S7" ("S7"): SIMATIC S7 communication via PROFIBUS and Industrial Ethernet with S7-300, S7-400
- "S7 optimized": SIMATIC S7 communication with S7-1200 (as of V4) and S7-1500 via Industrial Ethernet (access to
optimized data blocks)

NOTE For a more detailed description of the differences between S7 and S7 optimized or S7Plus
interconnections, see 4.5.

3. Click the arrow icon next to the log, e.g. "S7 optimized" to access the extended parameter list for the report.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 16

 Engineering

2.3.2. Setting parameters for the protocols

Port settings:
- If the check box is selected, the default setting for the specified port is used.
- If the check box is deactivated, you can edit the input field for the port.

Security policy:
- If the check box is selected, unsecured connections (none) to the OPC server are permitted.
- If the check box is deactivated, no unsecured connections (none) to the OPC server are permitted.
Specify which connections to the OPC server are to be allowed and specify whether the messages are to be signed (sign)
or signed and encrypted (SignAndEncrypted):
- Secure connections based on the security policy "Basic128Rsa15"
- Secure connections based on the security policy "Basic256"
- Secure connections based on the security policy "Basic256Sha256"
- Secure connections based on the security policy "Aes128_Sha256_RsaOaep"
- Secure connections based on the security policy "Aes256_Sha256_RsaPss"

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 17

 Engineering
Checking the client certificates
- Certificates are always checked
Activated: The certificates are always checked.
Deactivated: The certificates are not checked.
- No strict certificate check
Enabled: Certain checks of certificates are ignored, e.g. CertificateRevocationUnknown,
CertificateIssuerRevocationUnknown, NonceLengthCheck, TokenPolicyIdCheck.
Deactivated: The certificates are fully checked.
- Accept expired certificates:
Activated: The certificates are accepted even if the time stamp of the certificate is invalid, i.e. the certificates have
not yet been valid or have already expired.
Deactivated: The certificates are only accepted if the time stamp is valid.

Logon settings
- If the check box is selected, the SIMATIC NET OPC allows-Server anonymous logon of OPC UA-Clients.
- If the check box is deactivated, anonymous logins are not permitted. User authentication with Windows login and
password is then required.

NOTE SIMATIC NET OPC uses OPC for user authentication Server the user administration of Windows. Log in
to the OPC client with your Windows user name and password on the SIMATIC NET OPC server.

Test and aids

- Provide templates for item definitions:
If you activate the check box, the OPC server creates patterns (templates) for item definitions in its namespace
with which a new item can be easily defined.
- Provide virtual module (demo) for simulations:
The SIMATIC NET OPC server offers the option of using the OPC interface without a communication module for
tests, presentations and developments. Depending on the protocol, the OPC server provides a virtual module or
"DEMO" connection (CP simulation). This option enables the simulation function to be activated depending on the
protocol.

2.3.3. OPC UA certificates

In the navigation area, navigate to "SIMATIC NET configuration > OPC settings > OPC UA certificates".
The certificates of the local OPC UA server and the certificates with which the OPC clients have identified themselves for
the servers are displayed and managed here.
Here you can now import and accept client certificates and export server certificates.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 18

 Engineering

2.3.4. Certificate management with Global

Discovery Server
Basics
The SIMATIC NET OPC UA servers support certificate management services that can be used, for example, by a Global
Discovery Server, hereinafter referred to as GDS. The SIMATIC NET OPC UA server supports push management via whose
functions OPC UA certificates, trust lists (list of trusted certificates) and certificate revocation lists (CRL) can be
automatically updated for the OPC UA servers. Automation of certificate management eliminates the manual effort
required to redistribute the certificates, e.g. after expiry of the validity period of a certificate.
The certificate management information model is specified in the OPC UA specification in Part 12.
The following sections provide an overview of Global Discovery services in general as well as the function of an
automated certificate update supported by the SIMATIC NET PC software.

GDS
The OPC UA GDS concept enables the configuration of cross-subnet Discovery services on the one hand and, on the other
hand, provides interfaces for operating central certificate management. The certificate management of the GDS contains
mechanisms for central management of the following components:
• CA-signed and self-signed certificates
• Trust lists and certificate non-trust lists
A GDS thus provides an access point for central certificate management. He thus assumes the task of a security server
within an OPC UA network. The GDS performs the following functions in detail:
• Initial creation of a certificate for OPC UA applications such as OPC UA server or OPC UA client
• Regular update of the trust list and the certificate non-trust lists
• Renewal of the OPC UA application certificate

Prerequisite
The following requirements are required to make the relevant methods and attributes visible for the GDS push
functionality:
• The set security policy supports the integrity and confidentiality of the data by signing and encrypting (Sign &
Encrypt).
• Access is performed by a user who has the role "SecurityAdmin".

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 19

 Engineering
Address model for GDS push functionality
The address model for the GDS push functionality corresponds to the description in the OPC UA specification Part 12. The
following structure is located under the "ServerConfiguration" node:

Methods and attributes for accessing the address model

The methods and attributes with special features and restrictions of the specific address model of the SIMATIC NET OPC
UA server are explained in brief below. The OPC UA specification mentioned above contains the general description.
In the SIMATIC NET manual under the entry ID 77378184 you will find a detailed description of the individual methods
and attributes.

Method /Attribute (tag) Description

CreateSigningRequest Method for creating a PKCS#10 coded certificate request

signed with the private key of the OPC UA server.

Update Certificate Method for updating the server certificate for the OPC UA
server.

Applychanges Method for applying a safety-related change if the

"ApplyChangesRequired" attribute was set when executing a
previously executed method.
Note
If a certificate is changed because of "ApplyChanges", the OPC
UA server interrupts the connections or sessions that are saved
via this certificate. Background: The basis for the secure
Unrestricted connections – the certificate – is no longer valid.

GetRejectedList Method that returns a list of certificates that were rejected by

the OPC UA server.

Servercapabilities Tag that enumerates the capabilities supported by the OPC UA

server (string array)
"DA" – Returns current data
"HA" – Returns historical data
"AC" – Returns alarms and states that may require intervention
by an operator

SupportedPrivateKeyFormats Tag that specifies the permitted formats of the private key. For
the SIMATIC NET PC software, only "PEM" (string array)

MaxTrustListSize Tag that specifies the maximum size of the trust list.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 20

 Engineering
Method /Attribute (tag) Description

MulticastDnsEnabled Variable that specifies whether multicast DNS is supported. For

the SIMATIC NET PC software, the value is "False".

CertificateGroups Object (directory) that organizes all certificate groups

supported by the OPC UA server. The certificate groups contain
the objects that can be dynamically updated during runtime:
one trust list and one or more certificates that are assigned to
an OPC UA application.

Table 2-1 Methods and attributes for accessing the address model

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 21

 Engineering

2.4. Overview
The following figure shows an overview of the steps that are performed during engineering.

• Design
• Configuring the Station Configuration Editor
• Loading configuration data of the PC station
• Downloading configuration data of the S7 CPU
There are several options for performing the engineering step when configuring the Station Configuration Editor and
when loading the configuration data of the PC station. It is sufficient to carry out one of the engineering steps in each
case.
This application example describes all the options of the engineering steps.
Figure 2-2

Create project in TIA Portal:

Configuration ▪ S7 CPUs
▪ PC Station
▪ Symbols
▪ S7 connection

Configure the
Station manual Configure the XDB Export:
Configuration Station Exporting XDB from
Editor Configuration TIA Portal
Editor in TIA
Portal

Load PC station
Load configuration data XDB import:
configuration
via TIA Portal Importing XDB in Station
data
Configuration Editor

Load S7 CPU Load Configuration data via

configuration TIA Portal
data

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 22

 Engineering

2.5. Configuration
The aim of the example configuration is to connect tags of a PLC of the S7-1500 family with encrypted S7 optimized
connection to the SIMATIC NET PC OPC UA server.

NOTE The example project provided shows you the finished configuration. It can be loaded directly into
devices taking into account the IP addresses.

2.5.1. Creating an S7 CPU in the TIA Portal

Prerequisite
• STEP 7 (TIA Portal) is open.
• A new project has been created or the provided sample project is open.

Add new device

1. Double-click the "Add new device" command in the project tree.
The "Add new device" dialog opens.
2. Select "Controllers".
3. Select the S7 CPU according to your hardware configuration, e.g. CPU 1513-1 PN.
4. Activate the "Open device view" option.
5. Select the firmware version of the S7 CPU under Version.
6. Click the "OK" button.

If you have activated the "Open device view" option, the "Device view" of the S7 CPU opens
Note
automatically in the hardware and network editor.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 23

 Engineering
PLC Security Settings

You now have the option of protecting confidential configuration data of the PLC with a password.
The setting of the mode for PG/PC and HMI connections is important for the encrypted connection.

Unrestricted

NOTE By enabling, the connections of the PLC to the PG/PC and HMI are only permitted encrypted and a TLS
server certificate is created for the PLC.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 24

 Engineering
Opening the device view
After you have specified the security settings of the PLC, open the device view.
1. Open the device folder of the S7 CPU in the project tree.
2. Double-click "Device configuration".

The "Device view" of the S7 CPU opens in the hardware and network editor.

Setting address parameters

1. Select the S7 CPU in the device view.
The properties of the S7 CPU are displayed in the Inspector window.
2. Navigate to "PROFINET" in the "General" tab-Interface [X1] > Ethernet addresses" ("PROFINET interface [X1] > Ethernet
addresses").
3. Enter the following address parameters:
- IP address: 192.168.178.35
- Subnet mask: 255.255.255.0
4. Click the "Add new subnet" button to create a new subnet or select an existing subnet.

Unrestricted

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 25

 Engineering

2.5.2. Creating a PC station in the TIA Portal

Inserting a device
1. Double-click the "Add new device" command in the project tree.
The "Add new device" dialog opens.
2. Click the "PC systems" button.
3. Select the user application "OPC server".
4. Activate the "Open device view" option.
5. Set the version of the user application "OPC server", e.g. "SW V19...".
6. Click the "OK" button.
A PC station with the user application "OPC Server" ("OPC server") is inserted.

If you have activated the "Open device view" option, the "Device view" of the PC station opens
Note
automatically in the hardware and network editor.

Unrestricted

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 26

 Engineering
Opening the device view
1. Open the device folder of the PC station in the project tree.
2. Double-click the "Device configuration" command.
The "Device view" of the PC station opens in the hardware and network editor.

Configuring a PC station
Configure the PC station in the device view.
1. The OPC server was automatically inserted in slot 2.
2. Insert a communication module, e.g. "IE General", in slot 1 of the PC station using drag & dop.

Setting address parameters

1. Select the "IE General" communication module in the device view.
The properties of the communication module are displayed in the Inspector window.
2. In the "General" tab, navigate to "PROFINET interface [X1] > Ethernet addresses" ("PROFINET interface [X1] > Ethernet
addresses").
3. Enter the following address parameters.
- IP address: 192.168.178.34
- Subnet mask: 255.255.255.0
4. Click the "Add new subnet" button to create a new subnet or select an existing subnet.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 27

 Engineering
Setting the name of the PC station
1. Select the PC station in the device view.
The properties of the PC station are displayed in the Inspector window.
2. Navigate to "General" in the "General" tab.
3. Enter the name of the PC station, e.g. "PC system".

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 28

 Engineering

2.5.3. Configuring a connection

S7 CPU and PC station are created in the same project
Add specified connection:

If you use the user application "OPC Server" with version "SW V14..." or higher, an optimized
Note
connection is automatically created for S7-1500 CPUs and S7-1200 CPUs (firmware V4 or higher).

1. Open the "Project tree".

2. Double-click the "Devices & networks" command.
The graphic area the "Network view" opens in the hardware and network editor.
3. Click the "Connections" button in the toolbar to activate the connection mode.
4. Select the connection type "S7 connection" in the adjacent drop-down list.
In the "Network view", all devices that are suitable for an S7 connection are highlighted in color.
5. Drag the mouse cursor from the OPC server to the S7 CPU while holding down the mouse button.
6. Release the mouse button on the target device to create the S7 connection between the OPC server and the S7 CPU.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 29

 Engineering
Result
A specified S7 connection has been created.

• The connection path is highlighted.

• The S7 connection is entered in the connection table.

NOTE You can recognize an optimized S7-Connection to the fact that only one single S7 connection was
created for the send and receive direction.

• The OPC server actively establishes the S7 connection. The S7 CPU is passively involved in establishing the connection.

Setting connection parameters:

1. Select the S7 connection in the connection table.
The properties of the S7 connection are displayed in the Inspector window.
2. Activate the "Maintain connection permanently" function under "OPC" ("OPC") in the "General" tab.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 30

 Engineering
S7 CPU and PC station have been created in different projects

ATTENTION It is not possible to establish an encrypted connection to the SIMATIC NET OPC UA server if the PC
station and the PLC are not created in the same project.
The TLS server certificate selected in the PLC is marked as "trusted" when loading the PC station from
TIA Portal in SIMATIC NET. If the two devices are in different projects, SIMATIC NET does not recognize
the TLS server certificate of the PLC and therefore refuses a secure connection.

Add unspecified S7 connection:

1. Open the "Project tree" in the project of the PC station.
2. Double-click the "Devices & networks" command.
The graphic area of the "Network view" opens in the hardware and network editor.
3. Click the "Connections" button in the toolbar to activate the connection mode.
Select the connection type "S7 connection" in the adjacent drop-down list.
In the "Network view", the OPC server that is used for an S7-Connection in question, color-coded.
Right-click on the OPC server.
The context menu opens.
Select the entry "Add new connection".

The "Add new connection" dialog opens.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 31

 Engineering
4. Specify the following connection partners: "Unspecified".
Enter the local ID, e.g. "S7 connection PC".
The local ID is visible in the OPC client if the OPC client has established the connection to the S7 OPC UA server of
SIMATIC NET.
Click the "Add" button to add the unspecified S7 connection and click the "Close" button to exit the dialog.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 32

 Engineering
Result
An unspecified S7 connection has been created.

• The connection path is highlighted.

• The S7 connection is entered in the connection table.

• The OPC server actively establishes the S7 connection.

If the connection parameters have not yet been set completely, the S7 connection is displayed as
Note
faulty in the connection table.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 33

 Engineering
Setting connection parameters
1. Select the S7 connection in the connection table.
The properties of the S7 connection are displayed in the Inspector window.
2. In the "General" tab under "General", enter the IP address of the communication partner, e.g. 192.168.178.35
(IP-address of the S7 CPU).

3. Enter the partner TSAP under "Address details" in the "General" tab. The partner TSAP is made up as follows: 03rd slot
of the CPU, e.g.:
- S7-1500/S7-1200 CPU in slot 1: 03.01
- S7-300 CPU in slot 2: 03.02
- S7-400 CPU in slot 3: 03.03

4. Activate the "Maintain connection permanently" function under "OPC" in the "General" tab.

Unrestricted

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 34

 Engineering

2.5.4. Creating S7 tags

Overview
• Access to the S7 tags of a data block with optimized block access is only possible via optimized S7 connections and via
the symbol name.
• The S7 tags are stored symbolically in the data block with standard access. There are two ways to access the S7
variables:
- via the symbol name
- with the "PUT" and "GET" services via the absolute address
• There are two ways of accessing S7 variables that are defined in a tag table:
- via the symbol name
- with the "PUT" and "GET" services via the absolute address

Inserting a data block (DB) with optimized block access

Data blocks (DBs) with optimized block access are only available for S7-1500 CPUs and S7-1200 CPUs. The S7 variables of
a DB with optimized block access can only be accessed symbolically via an optimized S7 connection.
1. Navigate in the "Project tree" to the device folder of the S7 CPU.
2. Open the "Program blocks" folder.
3. Double-click the "Add new block" command.

The "Add new block" dialog opens.

4. Make the following settings and then confirm your entries with the "OK" button.
- Click the "Data block" button.
- Select the type "Global DB".
- Enter the name of the DB, e.g. "OptimizedData".
- Activate the "Automatic" option button for automatic number assignment. The number of the global DB is
assigned by TIA Portal.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 35

 Engineering
5. Double-click the newly inserted global DB "OptimizedData".
The data block opens.
6. <Hinzufügen>Double-click "" ("<Add new>") to create S7 tags.

7. Create the required S7 tags. Use the following data types, for example.
- Integer
- Bool
- Real
- Array: Data structure consisting of a fixed number of components of the same data type. In this application
example, the data types BYTE and PLC data type are used for the components.
- PLC data type: complex user-defined data type. It represents a data structure consisting of several components of
different data types.
8. Click in the "Project tree" with the right mouse button of the newly inserted global DB "OptimizedData".

The context menu opens.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 36

 Engineering
9. Select "Properties".

The properties dialog of the DB opens.

10. Activate the following functions under "Attributes" in the "General" tab and then accept the settings with the "OK"
button.
- "Optimized block access"
- "DB accessible from OPC UA"

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 37

 Engineering
Add a data block (DB) with standard access
1. Navigate in the "Project tree" to the device folder of the S7 CPU.
2. Open the "Program blocks" folder.
3. Double-click the "Add new block" command.
The "Add new block" dialog opens.
4. Make the following settings and then confirm your entries with the "OK" button.
- Click the "Data block" button.
- Select the type "Global DB".
- Enter the name of the DB, e.g. "Data".
- Activate the "Automatic" option button for automatic number assignment. The number of the global DB is
assigned by TIA Portal.

5. Double-click the newly inserted global DB "Data".

The data block opens.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 38

 Engineering
6. <Hinzufügen>Double-click "" ("<Add new>") to create S7 tags.

7. Create the required S7 tags. Use the following data types, for example:
- Integer
- Bool
- Real
- Array: Data structure consisting of a fixed number of components of the same data type. In this application
example, the data types BYTE and PLC data type are used for the components.
- PLC data type: complex user-defined data type. It represents a data structure consisting of several components of
different data types.
8. Click in the "Project tree" with the right mouse button of the newly inserted global DB "Data".

The context menu opens.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 39

 Engineering
9. Select the entry "Properties".

The properties dialog of the DB opens.

10. Make the following settings under "Attributes" in the "General" tab and then apply the settings with the "OK" button:
- Deactivate the "Optimized block access" function
- Activate the function "DB accessible from OPC UA" ("DB accessible drom OPC UA")

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 40

 Engineering
Defining S7 symbols in the tag table
In the tag table, you define S7 tags with symbolic names, e.g.:

• Flags
• Inputs
• Outputs
• Times
• Counter
In this example, memory byte MB 0 is activated as clock memory in the S7 CPU. For S7-1500 CPUs and S7-1200 CPUs, the
clock flags are automatically entered with symbolic names in the tag table.
If you are using an S7-300 CPU or S7-400 CPU, enter the addresses and symbol names of the clock memory bit manually
in the tag table.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 41

 Engineering

2.5.5. Making S7 symbols known to the OPC server

1. Open the "Device view" of the PC station.
2. Select the OPC server.
The properties of the OPC server are displayed in the Inspector window.
3. In the "General" tab, navigate to "S7 > OPC symbols".

4. To access all symbolic S7 tags in the OPC server, activate the "All" option.

5. To access configured symbolic S7 tags in the OPC server, activate the "Configured" option and click the "Configuring"
button.

The "Symbol Configuration" dialog opens.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 42

 Engineering
6. Define which S7 tags are to be visible in the OPC server so that the OPC client can access them. By default, the "Visible"
option is activated for the S7 tags.
Define the access rights for the S7 tags. The default access right is "ReadWrite".
Click "OK" to apply the settings.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 43

 Engineering

2.5.6. Allow access via PUT/GET communication by

remote partner

NOTE This step is only necessary if you want to use access via the absolute addresses of the tags. This step is
not necessary for symbolic addressing.

With the S7-1500 CPUs and S7-1200 CPUs, it is necessary to allow access via PUT/GET communication by remote partners
so that the SIMATIC NET OPC UA server with the services "PUT" and "GET" can access the S7 tags in the S7 CPU via the
absolute address.
1. Open the device view of the S7 CPU.
2. Select the S7 CPU in the device view.
The properties of the S7 CPU are displayed in the Inspector window.
3. Navigate to "Protection & Security > > Connection mechanisms" in the "General" tab.
4. Activate the "Permit access with PUT/GET communication from remote partner" function.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 44

 Engineering

2.5.7. Configuring the "Station Configuration Editor"

2.5.7.1. Configuring manually
Insert the components in the arrangement as in the component image that you have created in the
Note
"Device view" of the PC station in the TIA Portal. A different configuration means that the
configuration data that you download from TIA Portal to the PC station is not correctly imported.
The station name must be entered during the initial configuration.

1. Double-click the corresponding icon on the desktop to start the "Station Configuration Editor".
2. Click the "Station Name" button.

The "Station name" dialog opens.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 45

 Engineering
3. Enter the station name, e.g. "PC system".
It is essential that the name in the "Station Configuration Editor" matches the name you assigned for the PC station in
the configuration with TIA Portal.

4. Accept the settings with "OK".

5. Click the "Add" button.

The "Add Component" dialog opens.

Unrestricted

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 46

 Engineering
6. Make the following settings to add the user application "OPC Server".
- "Type": "OPC Server"
- Index: 1

7. Make the following settings to add the "IE General" component.

- "Type": "IE General"
- Index: 2
- "Parameter assignment":
Select the network adapter via which the PC station is connected to the S7 CPU and communicates.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 47

 Engineering
Result
The inserted components and the station name are displayed in the "Station Configuration Editor":

• Station name: "PC system"

• Index 1: "OPC server"
• Index 2: "IE General"
• Index 125: "Station manager"
The "Station manager" is automatically inserted on this index by the system.
Figure 2-3

The following status symbols for components show that the configuration data has not yet been loaded:

• The component is available in the current configuration of the PC station.

• The component has a configuration that is derived from a default parameter set. The default parameter set allows a
component to be addressed via the network without further configuration after it has been installed. Make sure that
the default parameter set used contains consistent parameters for the other network parameters.

• The component is present in the current configuration of the PC station, but not configured. Depending on the
intended application, you must still configure the component in STEP 7 and load the configuration data.

After you have configured the "Station Configuration Editor" manually, download the configuration data of the PC station
(see Section 2.6.2).

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 48

 Engineering
2.5.7.2. Configuring the "Station Configuration Editor" in the TIA Portal
1. Right-click on the device folder of the PC station.
Select the entry "Configure PC station online".

The "Configure" dialog opens.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 49

 Engineering
2. Select the network adapter via which the PC station with the S7-CPU communicates and click the "Update" button.
Click the "Configure" button to transfer the configuration of the PC station to the Station Configuration Editor.
If the transfer has been successfully completed, the message "Transfer completed successfully" is replied.
Click the "Close" button to close the dialog.

Unrestricted

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 50

 Engineering
Result
The components and the station name are created in the "Station Configuration Editor" in accordance with the
configuration in TIA Portal:
• Station name: "PC system"
• Index 1: "OPC server"
• Index 2: "IE General"
• Index 125: "Station manager"
The "Station manager" is automatically inserted on this index by the system.
Figure 2-4

The following status symbols for components show that the configuration data has not yet been loaded:

• The component is available in the current configuration of the PC station.

• The component has a configuration that is derived from a default parameter set. The default parameter set allows a
component to be addressed via the network without further configuration after it has been installed. Make sure that
the default parameter set used contains consistent parameters for the other network parameters.

• The component is present in the current configuration of the PC station, but not configured. Depending on the
intended application, you must still configure the component in STEP 7 and load the configuration data.

After you have configured the "Station Configuration Editor" in the TIA Portal, load the configuration data of the PC station
(see Section 2.6.2).

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 51

 Engineering
2.5.7.3. XDB export: Export XDB from TIA Portal
1. Open the "Device view" of the PC station.
2. Select the PC station.
The properties of the PC station are displayed in the Inspector window.
3. Navigate to "XDB configuration" in the "General" tab.
Activate the following functions:
- "S7RTM is installed (for example SIMATIC NET PC software)"
- "Generate XDB file"
Click the "Browse" button to set the path under which the XDB file is saved.

4. Select the PC station in the "Project tree".

5. Click the "Compile" button in the toolbar.

Result
The XDB configuration file is generated and saved under the path that you set in the configuration of the PC station.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 52

 Engineering

2.6. Loading configuration data

2.6.1. Downloading configuration data of the S7 CPU
Conditions
• Engineering PC and S7 CPU are located in the same subnet
• You have set the IP address and subnet mask for the S7 CPU that you entered in the hardware configuration (see
Chapter 2.2.2).

Translate
1. Select the S7 CPU in the "Project tree".
2. Click the "Compile" button in the toolbar.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 53

 Engineering
Load
1. Select the S7 CPU in the "Project tree".

2. Click the "Download to device" button in the toolbar.

The "Extended download to device" or "Load preview" dialog opens automatically.

NOTE The "Extended download to device" dialog only opens automatically if the access path from the PG/PC
to the S7 CPU has to be set again.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 54

 Engineering
3. Make the following settings in the "Extended download to device" dialog to access the S7 CPU via TCP/IP:
- Type of PG/PC interface: PN/IE
- PG/PC interface: Network card of the PG/PC
- Connection to interface/subnet: subnet of the S7 CPU, e.g. PN/IE_1
Select the "Show all compatble devices" option.
Click the "Start search" button.
Select the S7 CPU as the target device.
Click the "Load" button.

The "Load preview" dialog opens.

4. Click the "Load" button to start the loading process.

Unrestricted

The "Load results" dialog opens.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 55

 Engineering
5. Click the "Finish" button to end the loading process.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 56

 Engineering

2.6.2. Loading configuration data of the PC station

In addition to the component configuration, you require the configuration data for the communication connections and,
if necessary, for the symbols of S7 tags for productive operation. You have the following options: The configuration data
in the PC-Load station:
• Downloading via TIA Portal in online mode
• XDB import: Import XDB in the Station Configuration Editor

Loading via TIA Portal in online mode

Online mode allows the configuration data to be downloaded directly to the PC station connected via a network or to the
local PC station if it is simultaneously used as an engineering PC.

Downloading via TIA Portal in online mode only results in a successful installation of the
Note
communication services on your PC station if the component arrangement in the configuration data is
identical to the arrangement in the configuration data on the PC station.

Conditions:

• Engineering PC and PC station are located in the same subnet

• You have set the IP address and subnet mask for the network card of the PC station that you entered in the hardware
configuration (see Chapter 2.2.1).

Translate
1. Select the PC station in the "Project tree".
2. Click the "Compile" button in the toolbar.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 57

 Engineering
Load
1. Open the "Device view" of the PC station.
2. Right-click on the PC station.
The context menu opens.
Select the entry "Download to device > hardware configuration" > device.
The "Extended download to device" or "Load preview" dialog opens automatically.

NOTE The "Extended download to device" dialog only opens automatically if the access path to the PC
station has to be set again.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 58

 Engineering
3. Make the following settings in the "Extended download to device" dialog:
- Type of PG/PC interface: PN/IE
- PG/PC interface: Network card of the PC station
- Connection to interface/subnet: subnet of the PC station, e.g. PN/IE_1
Select the "Show devices with the same addresses" option.
Click the "Start search" button.
Select the station manager as the target device.
Click the "Load" button.

The "Load preview" dialog opens.

4. Click the "Load" button to start the loading process.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 59

 Engineering
Result
The configuration data of the PC station has been successfully loaded.
Figure 2-5

• The components are in "RUN" mode. This is indicated by the icon in the "Run/Stop" column ("Run/Sop").
• The following status symbol for the component indicates that the configuration data has been successfully loaded.

- The component is available and configured in the current configuration of the PC station.
- The component is ready for operation!

• The configured S7-Connection is loaded. This is indicated by the icon in the "Verb" column ("Conn").

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 60

 Engineering
XDB import: Import XDB in the Station Configuration Editor
1. Open the Station Configuration Editor.
2. Click the "Import Station" button to load the configuration data of the PC station.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 61

 Engineering
Result
The configuration data of the PC station has been successfully loaded.
Figure 2-6

• The station has the same name as in the component image that you created in the "Device view" of the PC station in
TIA Portal.
• The components are in "RUN" mode. This is indicated by the icon in the "Run/Stop" column ("Run/Sop").
• The following status symbol for the component indicates that the configuration data has been successfully loaded.

- The component is available and configured in the current configuration of the PC station.
- The component is ready for operation!

• The configured S7-Connection is loaded. This is indicated by the icon in the "Verb" column ("Conn").

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 62

 Operation

3. Operation
The SIMATIC NET OPC UA server does not call data from the S7 until a client has been successfully connected via an S7
connection.

3.1. Connecting to the OPC UA server

To access the data provided by the SIMATIC NET OPC UA server with write and read jobs, you require an OPC client. In this
example, UA Expert and "OPC Scout V10" by SIMATIC NET are used as OPC clients.

3.1.1. UA Expert
An encrypted and signed connection to the SIMATIC NET OPC UA server is to be established. For this purpose, the
respective partner certificate must be trusted.

3.1.1.1. Certificate exchange

Trusting the client certificate as server
You will find the OPC UA client certificate from UA Expert in which you perform the following steps.
1. Start UA Expert.
2. Under "Settings>Manage Certificates..", open the certificate manager of UA Expert.
3. Copy the UA Expert certificate to your desktop, for example

4. Open the Siemens Communication Settings.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 63

 Operation
5. Switch to the OPC UA certificates.
Import the UA Expert Client certificate.
Select "S7OPT" and "S7" for the accepted OPC UA protocols.
Confirm with "OK".

The UA Expert certificate is now trusted for the S7OPT and S7 protocols.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 64

 Operation
Trusting the server certificate in UA Expert
The server certificate can either be trusted at the first connection to the server, or the certificate can already be stored in
UA Expert beforehand. To do this, follow the steps below.
1. Open the Siemens Communication Settings.
2. Switch to the OPC UA certificates.
3. Export the two certificates for "S7OPT" and "S7".

4. Open the PKI structure of the UA Expert client. For more information, refer to ua expert in the certificate manager.
("Settings > Manager Certificates")
5. Select "Open Certificate Location".
6. Now copy the previously exported certificates to this folder.

Result

The two certificates are now stored in UA Expert as "Trusted".

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 65

 Operation
3.1.1.2. Connection
1. Click the "+" icon in UA Expert.
Double-click to add a new server address.

2. Enter the IP address of the PC station and confirm with "OK".

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 66

 Operation
3. Now select the server end point to which you want to connect.
User authentication with Windows login and password is required to connect. Enter the login data.
Click "OK"

4. Now establish a connection to the server.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 67

 Operation
Result
You are now successfully connected to an encrypted endpoint of the SIMATIC NET OPC UA server.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 68

 Operation
3.1.1.3. Access tags
Read Tags
Tags can be monitored and written in UA Expert via Publish/Subscribe. To do this, drag-and-drop the required tag into the
Data Access View. You will find the data blocks of the S7-1500 in the "SYM>S71500ET200MP Station_1" folder.

Write tags
1. Double-click the "Value" of the tag.
2. Enter the desired value.
3. Confirm with Enter.

Result

You have successfully transferred a value to the S7 station.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 69

 Operation

3.1.2. OPC Scout

3.1.2.1. Connection establishment to the S7OPT OPC UA server
1. Call OPC Scout V10 via the Windows Start menu "Siemens Automation > OPC Scout V10".
2. In "Server Explorer" under "UA server", right-click on the "Local UA server" entry.

The context menu opens.

3. Click on the entry ("Update" browsing").

The activated and available connections are displayed.

4. Under "UA Server> Local UA Servers > OPC. SimaticNET.S7OPT" ("UA server > Local UA server > OPC.
SimaticNET.S7OPT") right-click on the S7 connection to establish an optimized S7 connection from the SIMATIC NET
OPC UA server to the S7 CPU.
Click the "Connect" entry.

The "User authentication change" dialog opens.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 70

 Operation
5. User authentication with Windows login and password is required to establish the optimized S7 connection.

6. If you have activated the option "Allow anonymous logins to the OPC UA server" in the "Communication Settings",
anonymous logon is also possible.

To establish a standard S7 connection to an S7-300 CPU or S7-400 CPU, connect to the SIMATIC NET
Note
OPC UA server "OPC. SimaticNET.S7".

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 71

 Operation
3.1.2.2. Accessing the S7 tags in the S7 CPU via S7OPT Connection
Using the symbolic address to access the S7 variables in the S7 CPU
1. Navigate in the "Server Explorer" to "UA server > local UA server > OPC. SimaticNET.S7OPT > opc.tcp://Computer
Name:55105 [OPC. SimaticNET.S7OPT] > Objects > SYM".
The symbol table with the created S7 tags is displayed here.

2. Drag-and-drop the required S7 tags into the DA view of OPC Scout V10.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 72

 Operation
Accessing the S7 tags in the S7 CPU via the absolute address
With optimized data blocks, it is not possible to access the S7 tags via the absolute address. You access the S7 tags in
optimized data blocks using the symbol name.
For the S7-1500 CPUs and S7-1200 CPUs, it is necessary to activate the function "Permit access with PUT/GET
communication from remote partner" to access the S7 variables via the absolute address (see Chapter 2.5.6).
1. Navigate in the "Server Explorer" to "UA server > local UA server > OPC. SimaticNET.S7OPT > opc.tcp://Computer
Name:55101 [OPC. SimaticNET.S7OPT] > objects > S7OPT > connection name >blocks > db".
Templates are displayed here to access the S7 tags in the S7 CPU via the absolute address.

2. Insert the required templates (templates) for accessing the absolute addresses of the S7 tags in the DA view of OPC
Scout V10 using drag-and-drop.
3. Adapt the templates according to your configuration. In this application example, the S7 variables are stored in DB2
"Data".

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 73

 Operation
3.1.2.3. Establishing a connection to the S7 OPC UA server
The SIMATIC NET OPC server accesses via standard S7 connections on the S7-Variables in S7-300 CPUs and S7-400 CPUs.
To access the data provided by the SIMATIC NET OPC UA server with write and read jobs, you require an OPC client. In this
example, the "OPC Scout V10" of SIMATIC NET is used as an OPC client.

Connection
1. Call OPC Scout V10 via the Windows Start menu "Siemens Automation > OPC Scout V10" ("Siemens Automation > OPC
Scout V10").
2. In "Server Explorer" under "UA server", right-click on the "Local UA server" entry.
Click on the entry ("Update" browsing").

The activated and available connections are displayed.

3. Under "UA Server> Local UA Servers > OPC. SimaticNET.S7" right-click on the S7 connection to establish an S7
connection from the SIMATIC NET OPCUA server to the S7 CPU.
Click the "Connect" entry.

The "User authentication change" dialog opens.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 74

 Operation
4. User authentication with Windows login and password is required to establish the S7 connection.

5. If you have activated the option "Allow anonymous logins to the OPC UA server" in the "Communication Settings",
anonymous logon is also possible.

To establish an optimized S7 connection to an S7-1500 CPU or S7-1200 CPU (as of V4), connect to the
Note
SIMATIC NET OPC UA server "OPC. SimaticNET.S7OPT".

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 75

 Operation
3.1.2.4. Accessing the S7 tags in the S7 CPU via S7 standard Connection
Accessing the S7 tags in the S7 CPU via the symbol name
1. Navigate in the "Server Explorer" to "UA server > local UA server > OPC. SimaticNET.S7 > opc.tcp://Computer
Name:55101 [OPC. SimaticNET.S7] > Objects > SYM ".
The symbol table with the created S7 tags is displayed here.

2. Drag-and-drop the required S7 tags into the DA view of opc scout V10.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 76

 Operation
Accessing the S7 tags in the S7 CPU via the absolute address
1. Navigate in the "Server Explorer" to "UA server > local UA server > OPC. SimaticNET.S7 > opc.tcp://Computer
Name:55101 [OPC. SimaticNET.S7] > objects > S7 > connection name >blocks > db" ("UA server > Local UA server >
OPC. SimaticNET.S7 > opc.tcp://Computer name:55101 [OPC. SimaticNET.S7] > objects > S7 > connection name >
blocks > db").
Templates are displayed here to access the S7 tags in the S7 CPU via the absolute address.

2. Insert the required templates (templates) for accessing the absolute addresses of the S7 tags in the DA view of OPC
Scout V10 using drag-and-drop.
3. Adapt the templates according to your configuration. In this application example, the S7 variables are stored in DB1
"Data".

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 77

 Operation
3.1.2.5. Reading and monitoring an S7 variable
Prerequisite
• The connection from the PC station to the S7 CPU is established (see Chapter 3.1.2.1 and Chapter 3.1.2.3).
• You have created and opened a watch table in TIA Portal that contains all S7 tags to which you can use the SIMATIC
NET OPC-Server via the symbol name or via the absolute address.

Overview

PC station S7 station

STEP 7
watch table

1 Write

OPC UA Client

2 Read/Monitor
S7 CPU

SIMATIC NET
OPC UA server
S7OPT Symbolic name
Item Data / absolute
address

1. Write S7 tags to TIA Portal.

2. Read and monitor S7 variables in SIMATIC NET OPC Scout V10

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 78

 Operation
Writing to TIA Portal
1. Click the "Monitor all" button.
2. Enter values for the S7 in the "Modify value" column-Tags on.
3. Click the "Controls all activated values "once and immediately".

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 79

 Operation
Result

The S7 variables are described with the control values. The values of the S7-Tags are displayed in the "Monitor value"
column.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 80

 Operation
Read and monitor in OPC Scout V10
Figure 3-1

1. Click the "Monitoring ON" button in the DA view of OPC Scout V10 to continuously monitor the values of the S7
variables.
2. Click the "Read" button to select the values of the S7-Variables to be read once and immediately.

Result
Figure 3-2

The values of the S7 tags are displayed in the "Value" column.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 81

 Operation
3.1.2.6. Write S7 tag
Prerequisite
• The connection from the PC station to the S7 CPU is established (see Chapter 3.1.2.1 and Chapter 3.1.2.3).
• You have created and opened a watch table in TIA Portal that contains all S7 tags to which you can use the SIMATIC
NET OPC-Server via the symbol name or via the absolute address.

Overview
Figure 3-3

PC station S7 station

STEP 7
watch table

1 Write

OPC UA client

2 Read/Monitor
S7 CPU

SIMATIC NET
OPC UA server
S7OPT Symbolic name
Item Data / absolute
address

1. Write S7 tag in SIMATIC NET OPC Scout V10

2. Monitoring an S7 variable in TIA Portal

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 82

 Operation
Writing in OPC Scout V10
1. Click the "Monitoring ON" button to continuously monitor the values of the S7 variables.
2. Enter new values for the S7 tags in the DA view of OPC Scout V10 in the "New Value" column.
3. Click the "Write" button to describe the S7 tags with the new value.

Result

The written values are displayed in the "Value" column.

Monitoring in TIA Portal

Click the "Monitor all" button.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 83

 Operation
Result
Figure 3-4

The values of the S7 variables are displayed in the "Monitor value" column.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 84

 Additional Information

4. Additional Information
4.1. SIMATIC NET OPC server
4.1.1. S7 OPC UA server
The S7 OPC UA server supports S7 communication via Industrial Ethernet and PROFIBUS.

Connection
The S7 OPC UA server supports the following connection type:

• Standard S7 connection (see Section 4.5.2)

Communications
The S7 OPC UA server supports the following communication services:
Table 4-1
Communication Description
Tag services Functions for reading and writing one or more S7 variables.
Block services Program-controlled transmission of larger data blocks.
Block services Transfer of a loadable data area from and to S7.
Server functionality The PC can be used as a server for data blocks and data blocks.
S7 password function Setting a password for accessing protected blocks.
OPC UA events, conditions and alarms Processing of S7 messages and S7 diagnostic events.
Historical data via OPC UA Access to historical S7 data tags that are archived in a database for up to 360
hours.

The Table 4-1 Listed communication services of the S7 OPC UA server are available on Industrial
Note
Ethernet and PROFIBUS.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 85

 Additional Information

4.1.2. S7OPT OPC UA server

The S7OPT OPC UA server supports S7 communication with S7-1200 (as of V4) and S7-1500 via Industrial Ethernet.

Connection
The S7OPT OPC UA server supports the following connection type:

• Optimized S7 connection (see Chapter 4.5.1)

Communications
The S7OPT OPC UA server supports the following communication services:
Table 4-2
Communication Description
Tag services Functions for reading and writing one or more S7 tags via standard access
and access to optimized data blocks.
OPC UA events, conditions and alarms Processing PLC alarms.
Historical data via OPC UA Access to historical S7OPT data tags that are archived in a database for up
to 360 hours.
S7-CPU protection level concept Setting a password for protected connection establishment and access to
the S7-1200 and S7-1500 stations.

The Table 4-2 Listed communication services of the S7OPT OPC UA-Servers are only available for
Note
Industrial Ethernet.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 86

 Additional Information

4.1.3. SR OPC UA server

The SR OPC UA server enables the use of the open communication services (SEND / RECEIVE) via Industrial Ethernet with
OPC UA. The SR OPC UA server is released for communication with S7 devices. It also enables the user to communicate
with third-party devices.

Connection
The SR OPC UA server supports the following connection types:
• TCP connections
• ISO-on-TCP connections
• ISO transport connections

Type of connection
The type of SR access options that is possible via an SR connection is set in STEP 7. The connection can either:
• Fetch only
• Write only
• Send/Receive only

Communications
The SR OPC UA server supports the following communication services:
Table 4-3
Communication Description
Tag service Reading and writing data tags for S5-Data blocks and areas (S5-compatible
communication) require the configuration of a fetch or write connection.
The data tags on a fetch connection are read only. The data tags are only written
to a write connection. If data blocks of a communication partner are to be read
and written, you must configure two corresponding connections, which are
managed completely independently by the OPC UA server.
Block service The block-oriented services enable program-controlled transmission of larger
data blocks. These services are also referred to as SEND/RECEIVE services. The
transfer with the OPC UA server is realized by means of tags:
• Tags that receive data blocks
• Tags that send data blocks
A default size of the data blocks is specified in the configuration; the size can be
restricted when sending tags. Partial access within the data blocks is possible.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 87

 Additional Information

4.1.4. DP OPC UA server

The DP OPC UA server supports DP master class 1. The CLASS 1 DP master performs cyclic communication with the DP
slaves.
The DP OPC UA server supports the DP slave function DP-V0.

Process tags for the DP master with OPC UA

The DP OPC UA server for DP master mode offers process tags for the following services:
• Services for master class 1 access and monitoring of DP inputs and outputs
• Sync / Freeze: Acyclic sending of control telegrams to slave groups
• Fast logic for:
- CP 5613 A2 and CP 5614 A2 (DP master only):
Automatic monitoring of slave data
- CP 5623 and CP5624 (DP master only):
Automatic monitoring of slave data
• Diagnostics tags: Evaluation of static diagnostics

Process tags for the DP slave with OPC UA

The DP OPC UA server for DP slave operation offers process tags for the following services:

• Tag services for access to local slave data Access to the inputs and outputs of the slave
• Diagnostics tags: Evaluation of the static diagnostics of the slave

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 88

 Additional Information

4.2. Configuring and configuring a PC

station
Overview

Engineering
1

Downloading configuration data:

▪ via TIA Portal (local or remote)
▪ Station import (XDB file)

Virtual rack in the PC station

OPC
server

Configuration
Index 1 Index 2

Industrial Ethernet

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 89

 Additional Information
Design
In TIA Portal, you configure the PC station with the necessary components:

• Network adapter: e.g. "IE General"

• User application, e.g. "OPC server"
Set all necessary addresses and parameters, e.g. IP address and subnet mask of the network card.

Configuration
Use the "Station Configuration Editor" to insert the components into the virtual slots of the PC station and assign them
addresses and parameters.
Each component has a unique id number for communication between the components within the PC station and for
receiving configuration data. The code number for components in a PC station is the index. Corresponding to the slot of a
module in an S7 CPU, the index corresponds to a virtual slot in a PC station.

4.3. "Station Configuration Editor"

You have access to the component management of the "Station manager" in the PC station via the "Station Configuration
Editor".
You require the "Station Configuration Editor" for the initial configuration as well as the configuration and maintenance of
a PC station.
The "Station Configuration Editor" is the user interface of the station manager.

The "Station Configuration Editor" is on the PC-Station on which you install the "SIMATIC NET PC
Note
software" is always available and started.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 90

 Additional Information

4.3.1. Overview
The following figure shows the structure of the "Station Configuration Editor".

1. Components:
Components are the modules and the applications involved in communication tasks in the PC station. Configuration
and configuration data is required for these components.
2. Station manager:
The station manager keeps the configuration and configuration data of the components in the component
management (database).
In addition to the component configuration, the "Station Configuration Editor" can be used for diagnostic purposes.

Unrestricted

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 91

 Additional Information

4.3.2. Area of application / applications

Initial configuration (commissioning)
When a component is commissioned for the first time, an initial configuration is required. The initial configuration is
executed for all newly installed components. The initial configuration defines an index (the "virtual slot number") of the
component.
After initial configuration of the components, the PC station is prepared for receiving configuration data. This step is
comparable to inserting components into the rack of an S7 station.

Configuration and maintenance

Changes in the configuration and configuration can be downloaded from the TIA Portal to the PC station (local or
remote). Alternatively, data can be transferred via an XDB file.
You can use the "Station Configuration Editor" to check the effects in the "Components" tab. You can obtain information
about the operating state at any time in the "Diagnostics" tab.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 92

 Additional Information

4.3.3. "Components" tab

The "Components" tab contains the essential functions for configuring a PC station.

• Assign station name

• Creating new components
• Apply component configuration and configuration data
• Control and diagnostics
• Setting the operating mode
The current operating mode is displayed in the header of the "Station Configuration Editor".
- Offline mode
In offline mode, changes to the configuration can only be made by direct input or by station import (XDB file). The
button ("Online Mode") is visible and can be operated to enter online mode.

- Online mode
In online mode, you have the option of downloading the configuration data directly to the PC station with TIA
Portal. An XDB import can be performed at any time. You can specify (option) whether the "Offline mode" mode is
to be adopted after the import.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 93

 Additional Information

• Lock and enable station:

As administrator, you have the option of protecting the configuration of the PC station against changes.
- Click the "Disable Station" button to lock the PC station.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 94

 Additional Information

- Click the "Enable Station" button to cancel the lock.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 95

 Additional Information

In the locked state, it is not possible to change the configuration. The following functions are disabled:
• Station import (XDB file)
• Loading the PC station via TIA Portal (local or remote)
• Changing the PC station in the "Station Configuration Editor"

The current status is displayed in the "Mode" field.

• RUN: The PC station is locked against changes.
• RUN_P: The PC station is released for changes.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 96

 Additional Information

4.4. Data blocks

STEP 7 (TIA Portal) offers data blocks with the following access options for the S7-1500 and S7-1200 automation systems:

• Data blocks with optimized access

• Data blocks with standard access

The S7-300 and S7-400 automation systems only support data blocks with standard access.

4.4.1. Data blocks with optimized access

Data blocks with optimized access do not have a permanently defined structure. The data elements do not contain a fixed
address within the data block in the declaration, but rather a symbolic name. The elements are automatically arranged in
the available memory area of the block so that there are no gaps in the memory. This means that the storage capacity is
optimally utilized.
The tags in this data block are identified by their symbolic name. To address the tags, enter the symbolic name of the tag.
Optimized block access has the following advantages:
• With pure symbolic addressing, you increase your engineering efficiency.
• Thanks to optimized block access, your automation system achieves a higher performance.

4.4.2. Data blocks with standard access

Data blocks with standard access have a fixed structure. The data elements contain a fixed address within the block and a
symbolic name in the declaration. The address is displayed in the "Offset" column.
You can address the tags in this data block symbolically and absolutely.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 97

 Additional Information

4.5. Types
Name Description Note

Standard S7 connection Simple S7 connection Possible via PROFIBUS and ProfiNet, a

single S7 connection is required for each
send and receive direction.

Optimized S7 connection
Further development of the standard S7
connection
As of STEP 7 V12, optimized connections
are created for the devices by default.
The send and receive directions are
grouped together in a configured
connection.

S7Plus connection Encrypted optimized S7 connection As of STEP 7 V17, optimized S7

connections can also be encrypted.

Table 4-4 S7 connection types

4.5.1. Optimized S7 connections

As of STEP 7 Professional V17, standard standards no longer create simple S7 connections, but S7 optimized-Connections.
These can also be encrypted as of V17. To do this, the PLC requires a TLS server certificate. S7 optimized connections are
also referred to as S7Plus connections.
• S7Plus connections can only be used with devices as of the STEP 7 Professional V17 configuration environment.
• It is possible to establish connections to older devices at the same time. These are automatically unencrypted.
As of version V12, the SIMATIC NET OPC UA server can access optimized data blocks of the S7-1200 CPU (firmware V4 or
higher) and S7-1500 CPU. Since SIMATIC NET OPC UA Server V17 also encrypted.
Optimized data blocks no longer use absolute addresses. The tags can only be accessed via their symbol names. This
means that optimized data blocks are type-safe. This reduces the number of error sources.
The optimized data blocks are in the "SYM" folder of the S7-1500 station or S7-1200 station in the name space of the
SIMATIC NET OPC UA server.
Network access to optimized data blocks is made via the new "S7Opt" protocol.
By default, all S7 connections to S7-1200 CPUs (firmware V4 or higher) and to S7-1500 CPUs are optimized S7
connections. S7 connections to S7-1200 CPUs and S7-1500 CPUs are configured in the same way as for S7 CPUs and S7-
400 CPUs. There are restrictions here:

• Optimized S7 connections including optimized data blocks can only be used via OPC UA. DCOM-based OPC clients
cannot access optimized data blocks.
• The SIMATIC NET software must have V12, for encrypted connections V17 or higher.
• Smaller quantity structure for CP1613 A2. Only 40 optimized S7 connections are possible for this CP.

4.5.2. Standard S7 interconnections

The S7-300 CPUs and S7-400 CPUs only support data blocks with standard access. It is possible to access the tags of a data
block with standard access via the absolute address or via the symbol name.
The icons of the data block with standard access are located in the "SYM" folder of the S7-300 station or S7-400 station in
the name space of the SIMATIC NET OPC UA server.
Network access to data blocks with standard access is via the "S7" protocol.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 98

 Additional Information

4.6. Syntax for accessing absolute

addresses
The following figure shows the structure of the syntax in the OPC client for accessing the node ID of the node in order to
access the absolute addresses of the S7 tags.
Figure 4-1

PG / PC

OPC client

User program
Access to NodeId of the node:

1 2 3 4 5 6

S7: S7 connection PC. DB1. 8, b, 10

Table 4-5
No. Description Value
1 Protocol S7
2 Connection name S7 connection PC
3 Object DB
4 Start address 8
5 Type b (byte)
6 Number 10

Unrestricted

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 99

 Additional Information

4.7. OPC UA protocols

The communication protocol of OPC UA is TCP-based at the lowest level and can therefore be used across platforms, also
on embedded systems. Secure, encrypted transmission is required in all cases.
According to the standard, the following options are available as a protocol on the OPC UA user interface:

• Simple XML/SOAP with "HTTP" via port 80 or with "HTTPS" via port 443.
• Binary TCP via port 4840 and other ports such as port 55101 to port 55105, if additional servers are added.

The protocol can be used via the URL address of the OPC UA server on the OPC-user interface. Alternatively, the following
two options are available.

• OPC UA XML Web services, specifying a URL, e.g.

- http://<hostname>:80
- https://<hostname>:443
• Pure (native) binary TCP protocol, specifying:
- opc.tcp://<hostname>:4840

4.7.1. XML Web services

XML can be used very easily with common development environments for OPC UA applications.
The firewall is usually enabled for HTTP port 80 and HTTPS port 443 or can be easily enabled for these ports. For this
reason, Internet access is usually possible without further configuration for the use of XML Web services.

4.7.2. Pure (native) binary TCP protocol

Under OPC UA, the "OPC UA native binary" protocol has the highest transmission rate because the data is transferred in
compressed form and therefore little packaging information must be used. It requires the least additional effort. For
example, no XML parser required for SOAP and HTTP is required.
The format is normalized to binary level. This stabilizes data exchange between the OPC UA client and server because
there are no degrees of freedom such as spaces or comments in XML.
For communication, the TCP port 4840 specifically specified for this is used for the "OPC UA native binary" protocol and
port 55101 to port 55105 for the SIMATIC NET OPC server, depending on the protocol. These ports can be enabled or
disabled defined in a firewall.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 100

 Additional Information

4.8. Structure of the namespace for OPC

UA
The namespace for OPC UA no longer consists only of folders, items and properties. It is a network of nodes with
additional information and links.
The nodes are used both for user data (instances) and for additional information such as type descriptions of data (types).
The nodes of OPC UA can be subdivided as follows:
• Types
These are the node types specified in the OPC UA specification and, if applicable, by the respective manufacturer,
which are uniquely defined with regard to their properties and attributes. The following four basic types are available:
- ObjectTypes
- VariableTypes
- Reference Types
- DataTypes
The types are used as type descriptions for the instances.
• Instances
These are the instances of the objects of your real project. With regard to their properties, they reference different
types depending on the type of node.
The root of your OPC UA server organizes both the types and the instances. Organizing includes the definition of
additional nodes.
A node can have the following properties:
• Attributes that can be read
• Methods that can be called
• Events that can be reported
Many standard nodes are specified by the OPC UA specification. Additional node types can be added manufacturer
specific. The namespace is displayed in a tree structure in OPC Scout V10.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 101

 Additional Information

4.9. Browsing the OPC UA namespace

The "Browse" and "Read" services are available for browsing the OPC UA namespace.
The response returns the required value (reference, property or attribute).

4.9.1. "Browse"
This service is used to determine the references (links) of a node.

4.9.2. "Read"
This service is used to determine one or more attributes of one or more nodes.

4.10. Reading and writing attribute values

from nodes
The two services "Read" and "Write" are available for reading and writing the attribute values of nodes.

4.10.1. "Read"
This service is used to determine one or more attributes of one or more nodes. With structured attribute values whose
elements are indexed as for an array, clients can read the entire set of indexed values in the group, they can read certain
areas of the block or individual elements.
The currentness of the values is determined using the "maxAge" parameter.

4.10.2. "Write"
This service is used to write values to one or more attributes of one or more nodes. With structured attribute values whose
elements are indexed as for an array, clients can write the entire set of indexed values in the group, they can write certain
areas of the block or individual elements.
The service job is pending until the values have been written or until it has been determined that the values could not be
written.
Access to "Read" and "Write" takes place via the NodeId of the respective node or nodes. The NodeId is the identifier of a
node in the namespace of OPC UA.

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 102

 Appendix

5. Appendix
5.1. Service and support
SiePortal
The integrated platform for product selection, purchasing and support - and connection of Industry Mall and Online
support. The SiePortal home page replaces the previous home pages of the Industry Mall and the Online Support Portal
(SIOS) and combines them.
• Products & Services
In Products & Services, you can find all our offerings as previously available in Mall Catalog.
• Support
In Support, you can find all information helpful for resolving technical issues with our products.
• mySieportal
mySiePortal collects all your personal data and processes, from your account to current orders, service requests and
more. You can only see the full range of functions here after you have logged in.
You can access SiePortal via this address: sieportal.siemens.com

Industry Online Support

Industry Online Support is the previous address for information on our products, solutions and services.
Product information, manuals, downloads, FAQs and application examples - all information is available with just a few
mouse clicks: support.industry.siemens.com

Technical Support
The Technical Support of Siemens Industry provides you fast and competent support regarding all technical queries with
numerous tailor-made offers – ranging from basic support to individual support contracts.
Please send queries to Technical Support via Web form: support.industry.siemens.com/cs/my/src

SITRAIN – Digital Industry Academy

We support you with our globally available training courses for industry with practical experience, innovative learning
methods and a concept that’s tailored to the customer’s specific needs.
For more information on our offered trainings and courses, as well as their locations and dates, refer to our web page:
siemens.com/sitrain

Industry Online Support app

You will receive optimum support wherever you are with the "Industry Online Support" app. The app is available for iOS
and Android:

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 103

 Appendix

5.2. Links and literature

Table 5-1
No. Topic
\1\ Siemens Industry Online Support
https://support.industry.siemens.com
\2\ Link to the entry page of the application example
https://support.industry.siemens.com/cs/ww/en/view/67295801
\3\ SIMATIC NET PC Software Industrial Communication with PG/PC Volume 1 - System Manual Basics
https://support.industry.siemens.com/cs/ww/en/view/77376110
\4\ SIMATIC NET: PC Software Industrial Communication with PG/PC Volume 2 - Interfaces
https://support.industry.siemens.com/cs/ww/en/view/77378184
\5\ SIMATIC NET: Commissioning PC Software PC Stations - Instructions and Quick Start
https://support.industry.siemens.com/cs/ww/en/view/77377601

5.3. Change documentation

Table 5-2
Version Date Change
V1.0 05/2014 First edition
V2.0 01/2020 Complete revision
V2.1 01/2024 Update to STEP 7 V19

Entry ID: 67295801 V2.1 01/2024 © Siemens 2024 104