Anybus AB6690, AB6651, AB6751, ABCC40STK User guide

  • Hello! I've reviewed the Anybus CompactCom 40 EtherNet/IP IIoT Secure Network Guide and I'm ready to assist you with any questions about it. This document covers how to configure the module for secure industrial network communications, including setting up certificates, using the web interface, and understanding network messaging. It also details advanced features of OPC UA and MQTT. Let me know what you need help with!
  • How can I set an IP address for the device?
    What is the purpose of the Anybus Certificate Generator?
    What kind of data exchange is available?
    How can I access the web interface?
    What is the function of the File System?
    What are the main functions of OPC UA?
Anybus® CompactCom 40 - EtherNet/IP IIoT Secure
NETWORK GUIDE
SCM-1202-069
Version 3.2
Publicaon date 2024-01-16
ENGLISH
Important User Informaon
Disclaimer
The informaon in this document is for informaonal purposes only. Please inform HMS Networks of any
inaccuracies or omissions found in this document. HMS Networks disclaims any responsibility or liability for
any errors that may appear in this document.
HMS Networks reserves the right to modify its products in line with its policy of connuous product
development. The informaon in this document shall therefore not be construed as a commitment on the
part of HMS Networks and is subject to change without noce. HMS Networks makes no commitment to
update or keep current the informaon in this document.
The data, examples and illustraons found in this document are included for illustrave purposes and
are only intended to help improve understanding of the funconality and handling of the product. In
view of the wide range of possible applicaons of the product, and because of the many variables and
requirements associated with any parcular implementaon, HMS Networks cannot assume responsibility
or liability for actual use based on the data, examples or illustraons included in this document nor for
any damages incurred during installaon of the product. Those responsible for the use of the product
must acquire sucient knowledge in order to ensure that the product is used correctly in their specic
applicaon and that the applicaon meets all performance and safety requirements including any applicable
laws, regulaons, codes and standards. Further, HMS Networks will under no circumstances assume liability
or responsibility for any problems that may arise as a result from the use of undocumented features or
funconal side eects found outside the documented scope of the product. The eects caused by any direct
or indirect use of such aspects of the product are undened and may include e.g. compability issues and
stability issues.
Copyright © 2024 HMS Networks
Contact Informaon
Postal address:
Box 4126
300 04 Halmstad, Sweden
Table of Contents
1. Preface .................................................................................................................................. 1
1.1. About this document ........................................................................................................ 1
1.2. Related Documents ........................................................................................................... 1
1.3. Document History ............................................................................................................ 2
1.4. Document Convenons ..................................................................................................... 3
1.5. Document Specic Convenons .......................................................................................... 4
1.6. Abbreviaons .................................................................................................................. 4
1.7. Trademarks ..................................................................................................................... 4
2. About the Anybus CompactCom 40 EtherNet/IP IIoT Secure ........................................................... 5
2.1. General .......................................................................................................................... 5
2.2. Features ......................................................................................................................... 6
2.3. IIoT – Industrial Internet of Things ....................................................................................... 6
2.4. Security .......................................................................................................................... 6
2.4.1. Backdoor Freedom Declaraon .................................................................................... 7
2.5. Cercates ...................................................................................................................... 7
2.5.1. Inial Device Cercate ............................................................................................. 7
2.5.2. Cercate Authories ................................................................................................ 7
2.5.3. Device Cercates .................................................................................................... 7
3. Inial Setup and Account Conguraon ...................................................................................... 8
3.1. Set an IP Address .............................................................................................................. 8
3.2. Congure First Administrator Account .................................................................................. 8
3.3. Install Cercates Using Anybus Cercate Generator ............................................................ 10
3.3.1. Install a CA Cercate Using Anybus Cercate Generator ............................................... 10
3.3.2. Install a Device Cercate Using Anybus Cercate Generator ......................................... 12
3.4. Install Cercates Using the Web Interface ........................................................................... 15
3.4.1. Install a CA Cercate Using the Web Interface ............................................................. 15
3.4.2. Install a Device Cercate Using the Web Interface ........................................................ 17
3.5. Protect the IP Conguraon .............................................................................................. 21
3.6. Account Conguraon ...................................................................................................... 22
4. Basic Operaon ...................................................................................................................... 23
4.1. General Informaon ........................................................................................................ 23
4.1.1. Soware Requirements ............................................................................................. 23
4.1.2. Electronic Data Sheet (EDS) ........................................................................................ 24
4.2. Network Identy ............................................................................................................. 24
4.3. Authencaon, Passwords, and User Roles .......................................................................... 25
4.4. Communicaon Sengs ................................................................................................... 26
4.4.1. Communicaon Sengs in Stand Alone Shi Register Mode ............................................ 27
4.5. Beacon Based DLR (Device Level Ring) ................................................................................. 28
4.6. Network Data Exchange .................................................................................................... 28
4.6.1. Applicaon Data ...................................................................................................... 28
4.6.2. Process Data ........................................................................................................... 28
4.6.3. Translaon of Data Types .......................................................................................... 29
4.7. Web Interface ................................................................................................................. 29
4.8. E-mail Client ................................................................................................................... 29
4.9. Modular Device Funconality ............................................................................................ 30
4.10. File System ................................................................................................................... 31
4.10.1. Overview .............................................................................................................. 31
4.10.2. General Informaon ............................................................................................... 31
4.10.3. System Files .......................................................................................................... 32
Anybus® CompactCom 40 - EtherNet/IP IIoT Secure
SCM-1202-069 Version 3.2
5. EtherNet/IP Implementaon Details .......................................................................................... 33
5.1. General Informaon ........................................................................................................ 33
5.2. EtherNet/IP & CIP Implementaon ..................................................................................... 33
5.3. Using the Assembly Mapping Object (EBh) ........................................................................... 34
5.3.1. Introducon ............................................................................................................ 34
5.3.2. Adding Data - The Applicaon Data Object ................................................................... 34
5.3.3. Grouping Data - The Assembly Mapping Object ............................................................. 35
5.3.4. Conguring CIP Assembly Numbers ............................................................................. 36
5.3.5. Going Forward ........................................................................................................ 36
5.4. Socket Interface (Advanced Users Only) ............................................................................... 36
5.5. Diagnoscs ..................................................................................................................... 37
5.6. QuickConnect ................................................................................................................. 37
5.7. CIP Safety ....................................................................................................................... 37
5.7.1. Safety Module Firmware Upgrade ............................................................................... 37
5.7.2. Reset Request from Network ..................................................................................... 37
5.8. Link Layer Discovery Protocol ............................................................................................. 38
6. Secure Web Server (HTTPS) ...................................................................................................... 39
6.1. General Informaon ........................................................................................................ 39
6.2. Default Web Pages ........................................................................................................... 40
6.2.1. Network Conguraon .............................................................................................. 41
6.2.2. Ethernet Stascs Page ............................................................................................. 44
6.3. Server Conguraon ........................................................................................................ 46
6.3.1. Default Content Types ............................................................................................... 48
6.4. Login ............................................................................................................................. 48
6.5. Logout ........................................................................................................................... 49
6.6. Cross Site Request Forgery (CSRF) Protecon ........................................................................ 49
7. JSON .................................................................................................................................... 50
7.1. General Informaon ........................................................................................................ 50
7.1.1. Encoding ................................................................................................................ 50
7.1.2. Access ................................................................................................................... 50
7.1.3. Security ................................................................................................................. 50
7.1.4. Error Response ........................................................................................................ 50
7.2. Cross Site Request Forgery (CSRF) Protecon ........................................................................ 51
7.3. Supported JSON funcons ................................................................................................. 52
7.4. JSON API ........................................................................................................................ 53
7.4.1. ADI ........................................................................................................................ 53
7.4.2. Module .................................................................................................................. 59
7.4.3. Network ................................................................................................................. 60
7.4.4. Services ................................................................................................................. 68
7.4.5. Security ................................................................................................................. 69
7.4.6. cacerts.json & devcerts.json ....................................................................................... 74
7.4.7. installcacert.json & installdevcert.json ......................................................................... 77
7.4.8. deletecacert.json & deletedevcert.json ........................................................................ 77
7.4.9. cfgcertusage.json ..................................................................................................... 78
7.4.10. Hex Format Explained ............................................................................................. 79
7.5. Example ........................................................................................................................ 79
8. File Transfer Protocol (WebDAV) ............................................................................................... 80
8.1. WebDAV Conguraon ..................................................................................................... 80
8.2. WebDAV ........................................................................................................................ 81
9. E-mail Client .......................................................................................................................... 83
9.1. General Informaon ........................................................................................................ 83
Anybus® CompactCom 40 - EtherNet/IP IIoT Secure
SCM-1202-069 Version 3.2
9.2. How to Send E-mail Messages ............................................................................................ 83
10. OPC UA ............................................................................................................................... 84
10.1. General ........................................................................................................................ 84
10.2. Conguraon ................................................................................................................ 85
10.2.1. Parameters ........................................................................................................... 85
10.2.2. Access Conguraon ............................................................................................... 86
10.3. CompactCom 40 Device Type Informaon Model ................................................................. 87
10.3.1. CompactCom 40 Device Type Namespaces .................................................................. 89
10.3.2. Idencaon Parameters ......................................................................................... 90
10.3.3. Applicaon Data Exchange ....................................................................................... 92
10.4. Applicaon Dened Informaon Model ............................................................................. 98
10.4.1. Applicaon Dened Namespaces .............................................................................. 99
10.4.2. Submodels .......................................................................................................... 100
10.4.3. Idencaon Parameters ....................................................................................... 101
10.4.4. Applicaon Data .................................................................................................. 102
10.5. Time .......................................................................................................................... 103
10.6. Server Endpoints ......................................................................................................... 104
10.6.1. SecurityPolicies .................................................................................................... 104
10.6.2. UserIdentyTokens ............................................................................................... 104
10.6.3. Endpoints ........................................................................................................... 105
10.7. Error Code Translaon .................................................................................................. 109
10.7.1. Error Code Translaon when Accessing the Applicaon Data Object .............................. 109
10.8. Stack Conguraon ...................................................................................................... 110
10.8.1. Connecon Conguraon ...................................................................................... 110
10.8.2. Data Subscripon Conguraon .............................................................................. 110
10.8.3. Resource Conguraon ......................................................................................... 111
11. MQTT ............................................................................................................................... 112
11.1. MQTT Conguraon ..................................................................................................... 113
11.2. Connecon Setup ........................................................................................................ 113
11.3. Publicaons ................................................................................................................ 114
11.3.1. Topic .................................................................................................................. 116
11.3.2. Dataset Encoding ................................................................................................. 117
11.4. Stack Conguraon ...................................................................................................... 119
12. CIP Objects ........................................................................................................................ 120
12.1. General Informaon ..................................................................................................... 120
12.2. Translaon of Status Codes ............................................................................................ 121
12.3. Identy Object (01h) .................................................................................................... 122
12.3.1. Category ............................................................................................................. 122
12.3.2. Object Descripon ................................................................................................ 122
12.3.3. Supported Services ............................................................................................... 122
12.3.4. Class Aributes .................................................................................................... 122
12.3.5. Instance Aributes ............................................................................................... 123
12.3.6. Device Status ....................................................................................................... 123
12.3.7. Service Details: Reset ............................................................................................ 124
12.4. Message Router (02h) ................................................................................................... 124
12.4.1. Category ............................................................................................................. 124
12.4.2. Object Descripon ................................................................................................ 124
12.4.3. Supported Services ............................................................................................... 124
12.4.4. Class Aributes .................................................................................................... 124
12.4.5. Instance Aributes ............................................................................................... 124
12.5. Assembly Object (04h) .................................................................................................. 125
12.5.1. Category ............................................................................................................. 125
Anybus® CompactCom 40 - EtherNet/IP IIoT Secure
SCM-1202-069 Version 3.2
12.5.2. Object Descripon ................................................................................................ 125
12.5.3. Supported Services ............................................................................................... 125
12.5.4. Class Aributes .................................................................................................... 125
12.5.5. Instance 03h Aributes (Heartbeat, Input-Only) ......................................................... 125
12.5.6. Instance 04h Aributes (Heartbeat, Listen-Only) ........................................................ 126
12.5.7. Instance 05h Aributes (Conguraon Data) ............................................................. 126
12.5.8. Instance 06h Aributes (Heartbeat, Input-Only Extended) ........................................... 126
12.5.9. Instance 07h Aributes (Heartbeat, Listen-Only Extended) .......................................... 126
12.5.10. Instance 64h Aributes (Producing Instance) ........................................................... 127
12.5.11. Instance 96h Aributes (Consuming Instance) .......................................................... 127
12.6. Connecon Manager (06h) ............................................................................................ 128
12.6.1. Category ............................................................................................................. 128
12.6.2. Object Descripon ................................................................................................ 128
12.6.3. Supported Services ............................................................................................... 128
12.6.4. Class Aributes .................................................................................................... 128
12.6.5. Instance Aributes ............................................................................................... 128
12.6.6. Class 0 Connecon Details ..................................................................................... 129
12.6.7. Class 1 Connecon Details ..................................................................................... 129
12.6.8. Class 3 Connecon Details ..................................................................................... 131
12.7. Parameter Object (0Fh) ................................................................................................. 132
12.7.1. Category ............................................................................................................. 132
12.7.2. Object Descripon ................................................................................................ 132
12.7.3. Supported Services ............................................................................................... 132
12.7.4. Class Aributes .................................................................................................... 132
12.7.5. Instance Aributes ............................................................................................... 133
12.7.6. Default Values ..................................................................................................... 134
12.8. DLR Object (47h) ......................................................................................................... 135
12.8.1. Category ............................................................................................................. 135
12.8.2. Object Descripon ................................................................................................ 135
12.8.3. Supported Services ............................................................................................... 135
12.8.4. Class Aributes .................................................................................................... 135
12.8.5. Instance Aributes ............................................................................................... 135
12.9. QoS Object (48h) ......................................................................................................... 136
12.9.1. Category ............................................................................................................. 136
12.9.2. Object Descripon ................................................................................................ 136
12.9.3. Supported Services ............................................................................................... 136
12.9.4. Class Aributes .................................................................................................... 136
12.9.5. Instance Aributes ............................................................................................... 136
12.10. Base Energy Object (4Eh) ............................................................................................. 137
12.10.1. Category ........................................................................................................... 137
12.10.2. Object Descripon .............................................................................................. 137
12.10.3. Supported Services ............................................................................................. 137
12.10.4. Class Aributes .................................................................................................. 137
12.10.5. Instance Aributes ............................................................................................. 138
12.11. Power Management Object (53h) ................................................................................. 139
12.11.1. Category ........................................................................................................... 139
12.11.2. Object Descripon .............................................................................................. 139
12.11.3. Supported Services ............................................................................................. 139
12.11.4. Class Aributes .................................................................................................. 139
12.11.5. Instance Aributes ............................................................................................. 139
12.12. ADI Object (A2h) ........................................................................................................ 140
12.12.1. Category ........................................................................................................... 140
12.12.2. Object Descripon .............................................................................................. 140
12.12.3. Supported Services ............................................................................................. 140
12.12.4. Class Aributes .................................................................................................. 140
Anybus® CompactCom 40 - EtherNet/IP IIoT Secure
SCM-1202-069 Version 3.2
12.12.5. Instance Aributes ............................................................................................. 141
12.13. Port Object (F4h) ....................................................................................................... 142
12.13.1. Category ........................................................................................................... 142
12.13.2. Object Descripon .............................................................................................. 142
12.13.3. Supported Services ............................................................................................. 142
12.13.4. Class Aributes .................................................................................................. 142
12.13.5. Instance Aributes (Instance #1) ........................................................................... 143
12.13.6. Instance Aributes (Instances #2... #8) ................................................................... 143
12.14. TCP/IP Interface Object (F5h) ........................................................................................ 144
12.14.1. Category ........................................................................................................... 144
12.14.2. Object Descripon .............................................................................................. 144
12.14.3. Supported Services ............................................................................................. 144
12.14.4. Class Aributes .................................................................................................. 144
12.14.5. Instance Aributes ............................................................................................. 145
12.15. Ethernet Link Object (F6h) ........................................................................................... 147
12.15.1. Category ........................................................................................................... 147
12.15.2. Object Descripon .............................................................................................. 147
12.15.3. Supported Services ............................................................................................. 147
12.15.4. Class Aributes .................................................................................................. 147
12.15.5. Instance Aributes ............................................................................................. 148
12.16. LLDP Management Object (109h) .................................................................................. 151
12.17. LLDP Data Table Object (10Ah) ...................................................................................... 152
13. Anybus Module Objects ....................................................................................................... 154
13.1. General Informaon ..................................................................................................... 154
13.2. Anybus Object (01h) ..................................................................................................... 155
13.2.1. Category ............................................................................................................. 155
13.2.2. Object Descripon ................................................................................................ 155
13.2.3. Supported Commands .......................................................................................... 155
13.2.4. Object Aributes (Instance #0) ............................................................................... 155
13.2.5. Instance Aributes (Instance #1) ............................................................................. 155
13.2.6. Command Details: Reset ........................................................................................ 156
13.3. Diagnosc Object (02h) ................................................................................................. 157
13.3.1. Category ............................................................................................................. 157
13.3.2. Object Descripon ................................................................................................ 157
13.3.3. Supported Commands .......................................................................................... 157
13.3.4. Object Aributes (Instance #0) ............................................................................... 157
13.3.5. Instance Aributes (Instance #1) ............................................................................. 157
13.4. Network Object (03h) ................................................................................................... 158
13.4.1. Category ............................................................................................................. 158
13.4.2. Object Descripon ................................................................................................ 158
13.4.3. Supported Commands .......................................................................................... 158
13.4.4. Object Aributes (Instance #0) ............................................................................... 158
13.4.5. Instance Aributes (Instance #1) ............................................................................. 158
13.5. Network Conguraon Object (04h) ................................................................................ 159
13.5.1. Category ............................................................................................................. 159
13.5.2. Object Descripon ................................................................................................ 159
13.5.3. Supported Commands .......................................................................................... 159
13.5.4. Object Aributes (Instance #0) ............................................................................... 159
13.5.5. Instance Aributes (Instance #3, IP Address) ............................................................. 160
13.5.6. Instance Aributes (Instance #4, Subnet Mask) .......................................................... 160
13.5.7. Instance Aributes (Instance #5, Gateway Address) .................................................... 160
13.5.8. Instance Aributes (Instance #6, DHCP Enable) .......................................................... 161
13.5.9. Instance Aributes (Instance #7 Ethernet Communicaon Sengs 1) ............................ 161
13.5.10. Instance Aributes (Instance #8 Ethernet Communicaon Sengs 2) ........................... 162
Anybus® CompactCom 40 - EtherNet/IP IIoT Secure
SCM-1202-069 Version 3.2
13.5.11. Instance Aributes (Instance #9, DNS1) .................................................................. 162
13.5.12. Instance Aributes (Instance #10, DNS2) ................................................................ 163
13.5.13. Instance Aributes (Instance #11, Host name) ......................................................... 163
13.5.14. Instance Aributes (Instance #12, Domain name) ..................................................... 163
13.5.15. Instance Aributes (Instance #13, SMTP Server) ....................................................... 164
13.5.16. Instance Aributes (Instance #14, SMTP User) ......................................................... 164
13.5.17. Instance Aributes (Instance #15, SMTP Password) ................................................... 165
13.5.18. Instance Aributes (Instance #16, MDI 1 Sengs ) .................................................... 165
13.5.19. Instance Aributes (Instance #17, MDI 2 Sengs ) .................................................... 165
13.5.20. Instance Aributes (Instances #18 and #19) ............................................................. 166
13.5.21. Instance Aributes (Instance #20, QuickConnect) ..................................................... 166
13.5.22. Instance Aributes (Instance #40, OPC UA TCP Port) ................................................. 166
13.5.23. Instance Aributes (Instance #41, OPC UA Discovery Server) ...................................... 167
13.5.24. Instance Aributes (Instance #42, OPC UA SecurityPolicyNone) (Deprecated) ................ 167
13.5.25. Instance Aributes (Instance #43, OPC UA UserTokenPolicies) .................................... 167
13.5.26. Instance Aributes (Instance #44, OPC UA SecurityPolicies) ........................................ 168
13.5.27. Instance Aributes (Instance #45, OPC UA MessageSecurityModes) ............................. 168
13.5.28. Instance Aributes (Instance #46, OPC UA Cercate Authencaon) .......................... 168
13.5.29. Instance Aributes (Instance #50, MQTT Broker URL) ................................................ 169
13.5.30. Instance Aributes (Instance #51, MQTT Client Idener) .......................................... 169
13.5.31. Instance Aributes (Instance #52, MQTT Keep Alive) ................................................. 169
13.5.32. Instance Aributes (Instance #53, MQTT Username) ................................................. 170
13.5.33. Instance Aributes (Instance #54, MQTT Password) .................................................. 170
13.5.34. Instance Aributes (Instance #55, MQTT Base Topic) ................................................. 170
13.5.35. Instance Aributes (Instance #56, MQTT QoS) ......................................................... 171
13.5.36. Instance Aributes (Instance #57, MQTT TLS) .......................................................... 171
13.5.37. Instance Aributes (Instance #60, NTP Server) ......................................................... 172
13.5.38. Mullingual Strings ............................................................................................. 173
13.6. Socket Interface Object (07h) ......................................................................................... 174
13.6.1. Category ............................................................................................................. 174
13.6.2. Object Descripon ................................................................................................ 174
13.6.3. Supported Commands .......................................................................................... 174
13.6.4. Object Aributes (Instance #0) ............................................................................... 174
13.6.5. Instance Aributes (Sockets #1...Max. no. of instances) ............................................... 175
13.6.6. Command Details: Create ...................................................................................... 176
13.6.7. Command Details: Delete ...................................................................................... 177
13.6.8. Command Details: Bind ......................................................................................... 177
13.6.9. Command Details: Shutdown ................................................................................. 178
13.6.10. Command Details: Listen ...................................................................................... 179
13.6.11. Command Details: Accept .................................................................................... 180
13.6.12. Command Details: Connect .................................................................................. 181
13.6.13. Command Details: Receive ................................................................................... 182
13.6.14. Command Details: Receive_From .......................................................................... 183
13.6.15. Command Details: Send ....................................................................................... 184
13.6.16. Command Details: Send_To .................................................................................. 185
13.6.17. Command Details: IP_Add_Membership ................................................................. 186
13.6.18. Command Details: IP_Drop_Membership ................................................................ 187
13.6.19. Command Details: DNS_Lookup ............................................................................ 188
13.6.20. Socket Interface Error Codes (Object Specic) .......................................................... 189
13.6.21. Message Segmentaon ........................................................................................ 190
13.7. SMTP Client Object (09h) .............................................................................................. 192
13.7.1. Category ............................................................................................................. 192
13.7.2. Object Descripon ................................................................................................ 192
13.7.3. Supported Commands .......................................................................................... 192
13.7.4. Object Aributes (Instance #0) ............................................................................... 192
Anybus® CompactCom 40 - EtherNet/IP IIoT Secure
SCM-1202-069 Version 3.2
13.7.5. Instance Aributes (Instance #1) ............................................................................. 192
13.7.6. Command Details: Create ...................................................................................... 193
13.7.7. Command Details: Delete ...................................................................................... 193
13.7.8. Command Details: Send E-mail From File .................................................................. 194
13.7.9. Command Details: Send E-mail ............................................................................... 195
13.7.10. Object Specic Error Codes .................................................................................. 195
13.8. Anybus File System Interface Object (0Ah) ........................................................................ 195
13.8.1. Category ............................................................................................................. 195
13.8.2. Object Descripon ................................................................................................ 195
13.9. Network Ethernet Object (0Ch) ...................................................................................... 196
13.9.1. Category ............................................................................................................. 196
13.9.2. Object Descripon ................................................................................................ 196
13.9.3. Supported Commands .......................................................................................... 196
13.9.4. Object Aributes (Instance #0) ............................................................................... 196
13.9.5. Instance Aributes (Instance #1) ............................................................................. 196
13.9.6. Instance Aributes (Instances #2 - #3) ...................................................................... 197
13.9.7. Interface Counters ................................................................................................ 197
13.9.8. Media Counters ................................................................................................... 197
13.10. CIP Port Conguraon Object (0Dh) ............................................................................... 198
13.10.1. Category ........................................................................................................... 198
13.10.2. Object Descripon .............................................................................................. 198
13.10.3. Supported Commands ......................................................................................... 198
13.10.4. Object Aributes (Instance #0) .............................................................................. 198
13.10.5. Instance Aributes (Instance #1) ........................................................................... 199
13.11. Funconal Safety Module Object (11h) .......................................................................... 200
13.11.1. Category ........................................................................................................... 200
13.11.2. Object Descripon .............................................................................................. 200
13.11.3. Supported Commands ......................................................................................... 200
13.11.4. Object Aributes (Instance #0) .............................................................................. 200
13.11.5. Instance Aributes (Instance #1) ........................................................................... 201
13.11.6. Command Details: Error_Conrmaon ................................................................... 203
13.11.7. Command Details: Set_IO_Cong_String ................................................................. 204
13.11.8. Command Details: Get_Safety_Output_PDU ............................................................ 204
13.11.9. Command Details: Get_Safety_Input_PDU .............................................................. 205
13.11.10. Object Specic Error Codes ................................................................................. 205
13.12. Time Object (13h) ...................................................................................................... 206
13.12.1. Category ........................................................................................................... 206
13.12.2. Object Descripon .............................................................................................. 206
13.12.3. Supported Commands ......................................................................................... 206
13.12.4. Object Aributes (Instance #0) .............................................................................. 206
13.12.5. Instance Aributes (Instance #n) ........................................................................... 206
13.12.6. Time Protocols ................................................................................................... 207
14. Host Applicaon Objects ...................................................................................................... 208
14.1. General Informaon ..................................................................................................... 208
14.2. MQTT Host Object (E2h) ............................................................................................... 209
14.2.1. Category ............................................................................................................. 209
14.2.2. Object Descripon ................................................................................................ 209
14.2.3. Supported Commands .......................................................................................... 209
14.2.4. Object Aributes (Instance #0) ............................................................................... 209
14.2.5. Instance Aributes (Instance #1) ............................................................................. 209
14.3. OPC UA Object (E3h) .................................................................................................... 212
14.3.1. Category ............................................................................................................. 212
14.3.2. Object Descripon ................................................................................................ 212
14.3.3. Supported Commands .......................................................................................... 212
Anybus® CompactCom 40 - EtherNet/IP IIoT Secure
SCM-1202-069 Version 3.2
14.3.4. Object Aributes (Instance #0) ............................................................................... 212
14.3.5. Instance Aributes (Instance #1) ............................................................................. 213
14.3.6. Command Details: Method_Call .............................................................................. 215
14.3.7. Command Details: Get_Applicaon_Models_Filename ................................................ 218
14.3.8. Command Details: Get_Applicaon_Models_Namespace ............................................ 219
14.4. Energy Reporng Object (E7h) ....................................................................................... 220
14.4.1. Category ............................................................................................................. 220
14.4.2. Object Descripon ................................................................................................ 220
14.4.3. Supported Commands .......................................................................................... 220
14.4.4. Object Aributes (Instance #0) ............................................................................... 220
14.4.5. Instance Aributes (Instance #1) ............................................................................. 220
14.5. Funconal Safety Object (E8h) ....................................................................................... 221
14.5.1. Category ............................................................................................................. 221
14.5.2. Object Descripon ................................................................................................ 221
14.5.3. Supported Commands .......................................................................................... 221
14.5.4. Object Aributes (Instance #0) ............................................................................... 221
14.5.5. Instance Aributes (Instance #1) ............................................................................. 222
14.6. Applicaon File System Interface Object (EAh) .................................................................. 222
14.6.1. Category ............................................................................................................. 222
14.6.2. Object Descripon ................................................................................................ 222
14.7. CIP Identy Host Object (EDh) ........................................................................................ 223
14.7.1. Category ............................................................................................................. 223
14.7.2. Object Descripon ................................................................................................ 223
14.7.3. Supported Commands .......................................................................................... 223
14.7.4. Object Aributes (Instance #0) ............................................................................... 223
14.7.5. Instance Aributes (Instance #1) ............................................................................. 223
14.7.6. Command Details: Get_Aribute_All ....................................................................... 224
14.8. Sync Object (EEh) ......................................................................................................... 225
14.8.1. Category ............................................................................................................. 225
14.8.2. Object Descripon ................................................................................................ 225
14.8.3. Supported Commands .......................................................................................... 225
14.8.4. Object Aributes (Instance #0) ............................................................................... 225
14.8.5. Instance Aributes (Instance #1) ............................................................................. 225
14.9. Energy Control Object (F0h) ........................................................................................... 226
14.9.1. Category ............................................................................................................. 226
14.9.2. Object Descripon ................................................................................................ 226
14.9.3. Supported Commands .......................................................................................... 227
14.9.4. Object Aributes (Instance #0) ............................................................................... 227
14.9.5. Instance Aributes (Instance #1 - #8) ....................................................................... 228
14.10. EtherNet/IP Host Object (F8h) ...................................................................................... 232
14.10.1. Category ........................................................................................................... 232
14.10.2. Object Descripon .............................................................................................. 232
14.10.3. Supported Commands ......................................................................................... 232
14.10.4. Object Aributes (Instance #0) .............................................................................. 232
14.10.5. Instance Aributes (Instance #1) ........................................................................... 233
14.10.6. Mulple Assembly Instances ................................................................................. 235
14.10.7. Command Details: Process_CIP_Object_Request ...................................................... 236
14.10.8. Command Details: Set_Conguraon_Data ............................................................. 238
14.10.9. Command Details: Process_CIP_Roung_Request .................................................... 240
14.10.10. Command Details: Get_Conguraon_Data ........................................................... 241
14.11. Ethernet Host Object (F9h) .......................................................................................... 242
14.11.1. Object Descripon .............................................................................................. 242
14.11.2. Supported Commands ......................................................................................... 242
14.11.3. Object Aributes (Instance #0) .............................................................................. 242
14.11.4. Instance Aributes (Instance #1) ........................................................................... 243
Anybus® CompactCom 40 - EtherNet/IP IIoT Secure
SCM-1202-069 Version 3.2
14.11.5. Network Status .................................................................................................. 246
14.11.6. DHCP Opon 61 (Client Idener) ......................................................................... 247
14.11.7. Password Conguraon ....................................................................................... 248
Appendix A. Categorizaon of Funconality ................................................................................. 249
1. Basic .............................................................................................................................. 249
2. Extended ........................................................................................................................ 249
Appendix B. Compability to Standard Anybus CompactCom 40 ..................................................... 250
Appendix C. Implementaon Details ........................................................................................... 251
1. SUP-Bit Denion ............................................................................................................ 251
2. Anybus State Machine ...................................................................................................... 251
3. Applicaon Watchdog Timeout Handling .............................................................................. 251
Appendix D. Secure HICP (Secure Host IP Conguraon Protocol) .................................................... 252
1. General .......................................................................................................................... 252
2. Operaon ....................................................................................................................... 253
Appendix E. Installing a CA Cercate in Windows ........................................................................ 254
Appendix F. Technical Specicaon ............................................................................................. 257
1. Front View ...................................................................................................................... 257
1.1. Front View (Ethernet Connectors) ................................................................................ 257
1.2. Network Status LED .................................................................................................. 257
1.3. Module Status LED ................................................................................................... 257
1.4. LINK/Acvity LED 3/4 ................................................................................................ 257
1.5. Ethernet Interface .................................................................................................... 258
2. Funconal Earth (FE) Requirements ..................................................................................... 258
3. Power Supply .................................................................................................................. 258
3.1. Supply Voltage ......................................................................................................... 258
3.2. Power Consumpon ................................................................................................. 258
4. Environmental Specicaon ............................................................................................... 258
5. EMC Compliance .............................................................................................................. 258
Appendix G. Conformance Test Guide ......................................................................................... 259
1. General .......................................................................................................................... 259
2. Suggested Test Tools ......................................................................................................... 259
2.1. Wireshark ............................................................................................................... 259
2.2. NMAP .................................................................................................................... 259
2.3. ODVA Conformance Test Soware ............................................................................... 260
2.4. EZ-EDS .................................................................................................................... 260
2.5. Anybus EDS Generator .............................................................................................. 261
2.6. Sample Test Reports .................................................................................................. 261
3. Statement of Conformance (STC) ........................................................................................ 261
3.1. Implementaon of Host Objects .................................................................................. 262
3.2. Implementaon of Anybus Module Objects ................................................................... 276
Appendix H. Licensing Informaon ............................................................................................. 277
Anybus® CompactCom 40 - EtherNet/IP IIoT Secure
SCM-1202-069 Version 3.2
This page is intenonally le blank.
1. Preface
1.1. About this document
This document is intended to provide a good understanding of the funconality oered by the Anybus
CompactCom 40 EtherNet/IP IIoT Secure. The document describes the features that are specic to Anybus
CompactCom 40 EtherNet/IP IIoT Secure. For general informaon regarding Anybus CompactCom, consult the
Anybus CompactCom design guides.
The reader of this document is expected to be familiar with high level soware design and communicaon
systems in general. The informaon in this network guide should normally be sucient to implement a design.
However if advanced EtherNet/IP specic funconality is to be used, in-depth knowledge of EtherNet/IP
networking internals and/or informaon from the ocial EtherNet/IP specicaons may be required. In such
cases, the persons responsible for the implementaon of this product should either obtain the EtherNet/IP
specicaon to gain sucient knowledge or limit their implementaon in such a way that this is not necessary.
For addional related documentaon and le downloads, please visit the support website at
www.anybus.com/support.
1.2. Related Documents
Document Author Document ID
Anybus CompactCom 40 Soware Design Guide HMS HMSI-216-125
Anybus CompactCom M40 Hardware Design Guide HMS HMSI-216-126
Anybus CompactCom B40 Design Guide HMS HMSI-27-230
Anybus CompactCom Host Applicaon Implementaon Guide HMS HMSI-27-334
Using OPC UA Applicaon Dened Informaon Models HMS SCM-1202-182
Enabling and Using OPC UA on Anybus CompactCom 40 IIoT Secure HMS SCM-1202-169
CIP specicaon, Volumes 1 (CIP Common) and 2 (EtherNet/IP) ODVA
OPC UA Specicaon 1.04 OPC Foundaon
Preface Anybus® CompactCom 40 - EtherNet/IP IIoT Secure
SCM-1202-069 Version 3.2 Page 1 of 294
1.3. Document History
Version Date Descripon
2.0 2019-10-28 Secure funconality added
2.1 2019-12-03 New screendumps
2.2 2020-05-11 Updated screenshots in Chapter 3, “Inial Setup and Account Conguraon”
Expanded and improved OPC UA and MQTT secons
Added instance aribute #7 “Limits” to instance #1, OPC UA Object (E3h)
Added instance aribute #42 to Network Conguraon Object (04h)
Updated instance aribute #40, #41, #50, #51, #53, #54, #55 in Network Conguraon Object (04h)
2.3 2021–04–16 Added Time Object (13h)
2.4 2021–05–26 Updated CIP Identy Object
Updated OPC UA and MQTT secons
Updated SMTP secons
2.5 2021-09-23 Added OPC UA applicaon dened informaon models
Minor updates
2.6 2021-10-29 Minor updates
2.7 2022-02-15 Added Command Details: Method_Call
Minor updates
2.8 2022-07-20 Updated informaon about installaon of cercates in chapter "Inial Setup and Account Conguraon"
Minor updates
2.9 2022-11-07 Added LLDP
Updated Secure Web Server (HTTPS) secon
Updated OPC UA informaon
Updated Network Conguraon Object secon (Deprecated instance #42, added instance #43-#46)
3.0 2023-08-24 Minor updates
3.1 2023-11-13 Added OPC UA applicaon dened informaon models with submodels
Added instance aribute #26 to Ethernet Host Object (F9h)
3.2 2024-01-16 Added NTP Server
Anybus® CompactCom 40 - EtherNet/IP IIoT Secure Document History
Page 2 of 294 SCM-1202-069 Version 3.2
1.4. Document Convenons
Lists
Numbered lists indicate tasks that should be carried out in sequence:
1. First do this
2. Then do this
Bulleted lists are used for:
Tasks that can be carried out in any order
Itemized informaon
User Interacon Elements
User interacon elements (buons etc.) are indicated with bold text.
Program Code and Scripts
Program code and script examples
Cross-References and Links
Cross-reference within this document: Document Convenons (page 3)
External link (URL): www.anybus.com
Safety Symbols
DANGER
Instrucons that must be followed to avoid an imminently hazardous situaon which, if not avoided,
will result in death or serious injury.
WARNING
Instrucons that must be followed to avoid a potenal hazardous situaon that, if not avoided, could
result in death or serious injury.
CAUTION
Instrucon that must be followed to avoid a potenal hazardous situaon that, if not avoided, could
result in minor or moderate injury.
IMPORTANT
Instrucon that must be followed to avoid a risk of reduced funconality and/or damage to the
equipment, or to avoid a network security risk.
Document Convenons Anybus® CompactCom 40 - EtherNet/IP IIoT Secure
SCM-1202-069 Version 3.2 Page 3 of 294
Informaon Symbols
NOTE
Addional informaon which may facilitate installaon and/or operaon.
TIP
Helpful advice and suggesons.
1.5. Document Specic Convenons
The terms “Anybus” or “module” refers to the Anybus CompactCom module.
The terms “host” or “host applicaon” refer to the device that hosts the Anybus.
Hexadecimal values are wrien in the format NNNNh or 0xNNNN, where NNNN is the hexadecimal value.
A byte always consists of 8 bits.
The terms “basic” and “extended” are used to classify objects, instances and aributes.
1.6. Abbreviaons
Abbreviaon Meaning
CA Cercate Authority
API assigned packet interval
RPI requested packet interval
T target (in this case the module)
O originator (in this case the master)
1.7. Trademarks
Anybus® is a registered trademark of HMS Networks.
EtherNet/IP is a trademark of ODVA, Inc.
All other trademarks are the property of their respecve holders.
Anybus® CompactCom 40 - EtherNet/IP IIoT Secure Document Specic Convenons
Page 4 of 294 SCM-1202-069 Version 3.2
2. About the Anybus CompactCom 40 EtherNet/IP IIoT Secure
2.1. General
The Anybus CompactCom 40 EtherNet/IP IIoT Secure communicaon module provides instant EtherNet/IP
conformance tested connecvity via the patented Anybus CompactCom host interface. Any device that supports
this standard can take advantage of the features provided by the module, allowing seamless network integraon
regardless of network type. The module supports both linear and ring network topology.
The modular approach of the Anybus CompactCom 40 plaorm allows the CIP-object implementaon to be
extended to t specic applicaon requirements. Furthermore, the Identy Object can be customized, allowing
the end product to appear as a vendor-specic implementaon rather than a generic Anybus module.
This product conforms to all aspects of the host interface for Anybus CompactCom 40 modules dened in
the Anybus CompactCom 40 Hardware and Soware Design Guides, making it fully interchangeable with any
other device following that specicaon. Generally, no addional network related soware support is needed,
however in order to be able to take full advantage of advanced network specic funconality, a certain degree of
dedicated soware support may be necessary.
About the Anybus CompactCom 40 EtherNet/IP IIoT Secure Anybus® CompactCom 40 - EtherNet/IP IIoT Secure
SCM-1202-069 Version 3.2 Page 5 of 294
2.2. Features
Secure Boot
TLS support for secure data transfer
Security chip for secure key storage
Hardware accelerated cryptographic operaons
Hashed password storage
Secure web server w. customizable content
Secure le transfer server (WebDAV)
Two EtherNet/IP ports
RJ45 connectors
Supports OPC UA funconality
Supports MQTT funconality
Max. read process data: 1448 bytes
Max. write process data: 1448 bytes
Max. process data (read + write, in bytes): 2896 bytes
Beacon Based DLR (Device Level Ring) and linear network topology supported
Black channel interface, oering a transparent channel supporng CIP Safety
10/100 Mbit, full/half duplex operaon
Email client
JSON funconality
Customizable Identy Informaon
Up to 65535 ADIs
CIP Parameter Object support
Expandable CIP-object implementaon
Supports unconnected CIP roung
Transparent Socket Interface
Modular Device funconality
QuickConnect supported
Mulple IO assembly instances can be created
Link Layer Discovery Protocol
2.3. IIoT – Industrial Internet of Things
IIoT gives an applicaon access to the data of a product over the internet. This is, among other things, useful for...
uncovering product failures and deciencies
discovering how products are used
ensuring the quality of products faster
To support IIoT, the Anybus CompactCom 40 EtherNet/IP IIoT Secure supports the protocols OPC UA and MQTT.
See also ...
OPC UA (page 84)
MQTT (page 112)
2.4. Security
Anybus CompactCom 40 EtherNet/IP IIoT Secure provides security features for secure network communicaon.
Anybus® CompactCom 40 - EtherNet/IP IIoT Secure Features
Page 6 of 294 SCM-1202-069 Version 3.2
In order to secure the network communicaon the device is equipped with a security chip providing secure key
storage together with a hardware accelerated cryptographic engine. The embedded web server as well as the
OPC UA and the MQTT communicaon are secured.
The embedded web server features web pages for security conguraon such as cercate installaon and user
account management. A user can e.g. install its own cercate. This interface can be used as is, or be modied to
t the host product. All web operaons are implemented using an JSON API providing the possibility for users to
make tools directly accessing this API.
2.4.1. Backdoor Freedom Declaraon
Anybus products are developed following a Secure Soware Development Life Cycle framework, incorporang
strict security requirements and tesng. This development process ensures that the is free from hidden accounts,
undocumented soware features, debug code, or hardware backdoors.
2.5. Cercates
Cercates are a main component in secure communicaon. They are used to prove the identy of the owner
of the cercate. A node will trust a cercate if it trusts the Cercate Authority (CA) that has issued the
cercate. Trusted cercates are used to ensure secure communicaon.
Which cercates to use, depend on the installaon. HMS Networks oers a tool that generates device and CA
cercates, that can be used during development.
2.5.1. Inial Device Cercate
The Anybus CompactCom 40 EtherNet/IP IIoT Secure comes with a preinstalled inial device cercate. This
cercate proves that the device is produced by HMS Networks and will also be used for HTTPS unl the device
is congured by the end user. Please note that browsers will issue a security warning as long as this cercate is
used.
The inial device cercate holds the following identy informaon.
countryName (C) SE
stateOrProvinceName (ST) Halland
Locality (L) Halmstad
organizaonName (O) HMS Industrial Networks AB
organizaonUnitName (OU) Anybus
commonName (CN) (module serial number)
serialNumber (SN) (module serial number)
The cercate is placed in read only storage, and will not be deleted upon factory default reset.
2.5.2. Cercate Authories
Some protocols, e.g. OPC UA, need to validate the identy of other devices, such as PLCs, that try to connect to
the Anybus CompactCom. The user can install CA cercates that are used to validate the cercate provided by
the client. The cercates are installed from the internal web pages of the product.
NOTE
Cercate expire me/date is not validated as Anybus CompactCom does not know me.
2.5.3. Device Cercates
Device cercates are installed by the end users at conguraon me and are used by the various secure
protocols to prove the device identy of the Anybus CompactCom 40 EtherNet/IP IIoT Secure to establish secure
communicaon. The cercates and the corresponding private keys are installed using the web interface. It is
possible to congure for which protocol each device cercate is to be used.
Cercates Anybus® CompactCom 40 - EtherNet/IP IIoT Secure
SCM-1202-069 Version 3.2 Page 7 of 294
3. Inial Setup and Account Conguraon
This secon describes how to set up an applicaon using the default web pages and the default conguraon of
the Anybus CompactCom 40 EtherNet/IP IIoT Secure.
IMPORTANT
Secure operaon is not available unl inial setup and account conguraon has been nalized. The
steps described in this secon have to be followed to ensure secure operaon of the device.
An inial device identy cercate is installed in the Anybus CompactCom 40 EtherNet/IP IIoT Secure. This is
inially used to setup a connecon to the web server and enables the user to access the internal web pages. It is
not possible to delete this cercate from the device.
IMPORTANT
It is recommended to perform this inial conguraon oine, with the device connected directly to
your computer. This to ensure that anyone who is not authorized, will gain access to the device and
congure the rst account.
3.1. Set an IP Address
To access the web pages of the Anybus CompactCom, an IP address has to be set for the device. One way to do
this is described in Secure HICP (Secure Host IP Conguraon Protocol) (page 252). An IP address can also be set
by the host applicaon.
3.2. Congure First Administrator Account
1. Enter the IP address of Anybus CompactCom 40 EtherNet/IP IIoT Secure in a browser. The web page as
shown in the picture will show.
Create the necessary rst administrator account by entering a username and a password.
Figure 1.
Anybus® CompactCom 40 - EtherNet/IP IIoT Secure Inial Setup and Account Conguraon
Page 8 of 294 SCM-1202-069 Version 3.2
/