Description
SIPLUS CP 1543-1 -40…+60 °C Start-up -25 °C with conformal coating based on 6GK7543-1AX00-0XE0 Communications processor for connecting SIMATIC S7-1500 to Industrial Ethernet: TCP/IP, ISO, UDP, S7 communication, IP-BROADCAST/ MULTICAST, security (hardware identification, IP/MAC access list, firewall), Diagnostics SNMPV1/V3, DHCP, FTP client/ server, Email, IPV4/IPV6, data storage on SD Card of the CPU, time-of-day synchronization via NTP, Access to the “Web server of the CPU; Gigabit interface” 1x RJ45 (10/100/1000 MB) 6AG15431AX002XE0_datasheet_en
Overview
The SIMATIC CP 1543-1 communications processor securely connects the new SIMATIC S7-1500 controller to Industrial Ethernet networks. By combining a variety of security features such as an SPI (Stateful Packet Inspection) firewall, VPN and data encryption protocols such as FTPS and SNMPv3, the communications processor protects individual S7-1500 stations or even entire automation cells against unauthorized access.
The CP can also be used for linking the S7-1500 station into an IPv6-based network. All functions are configured by means of STEP 7 Professional V12 (TIA Portal) or higher.
The CP 1543-1 supports the following communications services:
- PG/OP communication
- S7 communication
- Open user communication (SEND/RECEIVE, FETCH/WRITE)
- IT communication
- FTP functions (File Transfer Protocol FTP/FTPS) for file management and access to data blocks in the CPU (client and server function)
- Access (read and write modes) to csv files stored on the memory card of the CPU via FTP(S)
- Sending emails via SMTP or ESMTP with “SMTP-Auth” for authentication on an email server (also with IPv6)
- Static IP routing with up to 1 Mbps via IPv4 to other CM 1543-1 / CM 1542-1 units in an S7-1500 system, e.g., for web server accesses without real-time capability. Securing a cell by activating the security function in the CP 1543-1 automatically deactivates IP routing.
- Security functions
- Stateful Packet Inspection (layers 3 and 4) firewall
- Secure communication via VPN (IPsec)
- Secure access to the web server of the CPU via the HTTPS protocol
- Secure file transfer using FTPS
- Secure transfer of the time of day (NTP)
- SNMPv3 for tap-proof transfer of network analysis information
- Encrypted email communication via SMTPS (Port 587)
- Open communication over TCP/IP
- Integration of the S7-1500 into IPv6-based networks;
An IPv6-compliant IP address can be used for the following communication services:- FETCH/WRITE access (CP as server)
- FTP server mode
- FTP client mode with addressing by program block
- Email transfer with addressing by program block
Benefits
- Reachability of the SIMATIC S7-1500 station from an IPv6-based infrastructure
- Optimum support of maintenance due to
- Simple diagnostics via the central Web server
- Remote programming via LAN
- Monitoring with IT network management tools (SNMP)
- Module replacement without a PG
- Securing the system against unauthorized access with
- Central access protection for any S7 station
- Secure access to the central Web server
- Network separation for setting up identical machines with the same IP address
- Simple alerting by e-mail and transfer of production data to master computer using FTP
- Protection of investment thanks to simple integration of the SIMATIC S7-1500 system in existing networks with SIMATIC S7-300 / S7-400 / S5 via Industrial Ethernet using the CP 1543-1
Application
The CP 1543-1 is used to connect the SIMATIC S7-1500 to Industrial Ethernet networks. With its own processor, it relieves the CPU of communications tasks and facilitates additional connections.
The CP 1543-1 provides communication options with:
- PGs/PCs,
- master computers
- operator control and monitoring systems,
- other SIMATIC S5/S7 systems.
This can be used to protect the SIMATIC S7-1500 from unauthorized access from an Ethernet network. The CP 1543-1 allows safe remote access via a LAN and allows data transfer between devices or network segments to be protected from data manipulation/espionage.
Protection of the SIMATIC S7-1500 system from unauthorized access from the Industrial Ethernet network