RTA's Blog
It’s a Polyglot World, After All…
Feb
An Introduction to Siemens Controllers for AB Control Engineers
Manufacturing is now a “polyglot” or multi-lingual world. Most of us must talk Siemens SIMATIC as well as we talk AB ControlLogix talk. This article is an introduction to the Simatic controller families for those of us who haven’t used a lot of Siemens.
What is “SIMATIC”
SIMATIC is the name of the Siemens automation system. Formed from the combination of the name Siemens and the word “autoMATIC”, it represents the entire Siemens automation product line including programmable controllers, HMIs, software, Industrial Process Control (IPC), IO-Systems, Mindsphere (Siemens’ IoT platform) and more.
S7 Controller Families
The S7-1200 and S7-1500 are the most popular current controllers with a Panel PC that combines the power of 1500 with PC capabilities. Devices can exchange communication with Siemens S7 controllers using the Central CPU, the Communication Processor (CP) or the Communication Module (CM).
Controller Memory Organization
Everything in a controller revolves around the controller’s memory organization. Like many other controllers, the S7 programmable controller memory is segmented into areas related to controller operation and programming. The S7 memory areas are:
| I | Input |
| Q | Output |
| M | Memory Bit |
| DB | Data Block Memory |
| T | Timers |
| C | Counters |
Timers (T) and Counters (C) are areas that are deprecated and being replaced by newer methods. T and C memory areas continue to be used in old S7-300 and S7-400 programs. They are also used by newer processors when original S7-300 and S7-400 programs are loaded into new controllers. But in the latest controllers, DB memory is automatically allocated to support Timer and Counter operation when programmers implement Timers or Counters.
All memory areas are addressed (except for the data block memory) using a 32-bit byte address starting at address zero. Data block memory in older controllers is addressed using a 48-bit byte address and, in newer controllers, with a tag name.
I, Q and M memory areas are addressed with the area designation, a data size identifier, and the 32-bit byte offset. Data size identifiers include standards like “B” for byte, “W” for word and “D” for double word. Some examples include:
| IB200 | The byte at byte offset 200 (201st byte) |
| IW200 | The word at byte offset 200, the first half of which includes IB200 |
| ID200 | The double word at byte offset 200, made up of IW200 and IW202 and the first byte of which contains IB200 |
Addressing each area of the data table using byte offsets is a unique feature of the SIMATIC address table. Other controllers use either word offsets or allow the programmer to use multiple offset types, which can lead to a lot of memory overlap issues.
Bits can be addressed by forming an address without a size identifier. I0.1 is the second bit of the first input byte. Q200.7 is the last bit of the 201st byte in the output address table. Bits can only be addressed within a byte using bit addresses 0 to 7.
Data block memory is used in all SIMATIC controllers, but access to the data block memory in newer controllers uses tags. In older controllers, data block memory is identified with a data block number and element ID (DBxx.DByy z) where xx is the data block number, yy is the memory size (X-bit, B-byte, W-Word, D-Double), and z is the byte offset into the data block. Some examples include:
| DB1.DBW 0 | Data Block 1, byte offset 0, addressed as a word |
| DB5.DBB 2 | Data Block 5, byte offset 2, addressed as a byte |
| DB1.DBX 4.1 | Data Block 1, byte offset 4, bit 1, addressed as a bit |
In older controllers, all data blocks are allocated and controlled by the user program. The user must track what data blocks are used and how the memory within the data block is used.
The number of data blocks varies with the memory available in particular controllers.
In newer controllers, TIA (Totally Integrated Automation) Portal keeps track of data blocks and their contents leading to many fewer programming errors.
Programming Tools
There are two main programming tools available to S7 control engineers building applications:
| STEP 7 | Also known as Step 7 Classic, this is the original program development tool provided with the introduction of the SIMATIC S7 programmable controller family. It is still used for the legacy S7-300 and S7-400 controllers. |
| TIA PORTAL | More than a programming tool, TIA includes digitalized automation services, digital planning, and integrated engineering transparent operation. |
Communication Options
The S7 family of controllers supports a wide range of communication protocol options. Note that not all communication options are available on every controller.
GLOBAL DATA COMMUNICATION – Small message packet CPU-CPU data exchange for S7-300 and S7-400 controllers over MPI using the S7 protocol.
S7 BASIC – S7 Basic communication is used for CPU-CPU data exchange with a CPU within the station (expansion unit) or outside the station.
S7 Protocol – S7 is the backbone of Siemens communication and supported by the entire SIMATIC product line. Media-independent, the S7 Protocol is used with MPI, PROFIBUS, and Industrial Ethernet media. S7 protocol is used by SIMATIC CPUs, Control Processors (CP) and Communication Modules (CM).
PROFINET CONTROLLER – the controller side of PROFINET controller to end device communication.
PROFINET DEVICE – The end-device side of PROFINET controller to end device communication.
PROFINET IRT – Isochronous Real Time (IRT) is a very high-speed communications mechanism used primarily for motion control applications. IRT is implemented using a custom ASIC.
PROFIBUS DP MASTER – The master-device side of a PROFIBUS connection.
PROFIBUS DP SLAVE – The end-device side of a PROFIBUS connection.
OPC UA – A more secure, open and reliable mechanism for transferring information between servers and clients than standard OPC.
OPEN COMMUNICATION – A series of open, standard Ethernet protocols including TCP, ISO (International Standards Organization) on TCP, UDP, and ISO.
MODBUS – Simple communication protocol developed by Modicon using uncomplicated data representation and simple memory addressing over RS485 media.
MODBUS TCP – Ethernet version of Modbus with the same data representation and command structure using TCP transport.
S7 Communication Overview
SIMATIC S7 controllers support an S7 communication protocol that provides controller-to-controller communication, controller-to-operator interface communication, and communication with non-SIMATIC devices. Communication is provided by various components on different programmable controllers. Communication can originate with the CPU itself, the Communications Processor (CP) or the Communications Module (CM).
Communications Modes
Three operations modes are available. In CLIENT Mode, the programmable controller initiates communications and can read and write to another S7 programmable controller, HMI, or other end-device. In SERVER mode, the programmable controller waits for another controller or end-device to initiate communications. In PARTNER mode, each end of the communications link can exchange unsolicited data once the connection is established.
It’s more important than ever when it comes to controllers to be multi-lingual. The days of spending your career working at one company on one kind of controller are over. Those of us that have spent the majority of our time on AB controllers need to be fluent in Siemens SIMATIC which, it turns out, isn’t the giant leap that some of us think it is.
