CADA EVIEW 2017 SCHNEIDER LECTRIC
Transcript of CADA EVIEW 2017 SCHNEIDER LECTRIC
2017 CO P Y R I G H T T E C H N E WS PU B L I S H I N G ( PT Y ) L T D – W WW . T E C H N E W S . C O . Z A A L L R I G H T S R E S E R V E D
1
SCADA REVIEW 2017 – SCHNEIDER ELECTRIC
SECTION 1: Vendor, SI & end-user details
Product & vendor details
Question Response
Q1.1 Product name and version Citect SCADA 2015 Service Pack 1
Q1.2 Product Vendor Schneider Electric
Q1.3 Vendor switchboard telephone number
+27 11 046 1900
Q1.4 Vendor generic email address to be published with review
Q1.5 Vendor URL [software.schneider-electric.com]
Vendor contact details for editor clarification (not for publishing)
Q1.6 Contact person [Quintin McCutcheon]
Q1.7 Contact person’s telephone [+27 82 823 9298]
Q1.8 Contact person’s email [[email protected]]
System Integrator respondent details
Q1.9 Name [Johan Potgieter]
Q1.10 Position/Designation [Service Engineer]
Q1.11 Company [Schneider Electric]
Q1.12 Telephone [011 046 2021]
Q1.13 Email [[email protected]]
End-user respondent details
Q1.14 Name []
Q1.15 Position/Designation []
Q1.16 Company []
Q1.17 Telephone []
Q1.18 Email []
Q1.19 Do you wish your details to be withheld when the review is printed?
[Yes]
2017 CO P Y R I G H T T E C H N E WS PU B L I S H I N G ( PT Y ) L T D – W WW . T E C H N E W S . C O . Z A A L L R I G H T S R E S E R V E D
2
SECTION 2: End-user questionnaire
Project details (i.e. these questions pertain to the specific subject application)
Q2.1 Application site location. Town, Province, Country
Brits, North West, South Africa
Q2.2 In what industry is the scada application?
Mining
Q2.3 Date project started [2015-05]
Q2.4 Date project completed [2015-05]
Q2.5 What is the fundamental purpose of the system?
[Mining] e.g. Manufacturing, utilities, logistics, ...
Q2.6 Briefly describe the application including information on any pre-existing control system or scada system that was in place, etc. If there was a pre-existing system, please describe the switchover from the previous system.
The client has been using Citect SCADA V7.2 solutions since 2010. The upgrade to Citect SCADA 2015 was made to allow for greater flexibility, Page template upgrade for wide screen resolution, enhanced alarm management and more functionality.
Q2.7 What was the primary motivation for the project?
Project simplification and engineering efficiency.
Q2.8 What were the main goals established for the project?
Goal 1: Standardisation of objects and templates across all plant sections. Goal 2: Implement ISA-95 equipment model Goal 3: Consolidate all plant sections into single system
Q2.9 In the procurement decision making process what were the primary considerations that influenced the product selection?
Current installed base is Citect SCADA and Citect Historian.
Q2.10 What Project Management principles and/or methodologies did you employ as end-user to mitigate risk, ensuring the project came out on time and within budget?
N/A.
Licensing, maintenance & support model
Q2.11 What licences have been purchased for this particular application?
No new licenses were purchased; however upgrades to the latest version were included as a part of the annual support contact
Q2.12 What upgrade agreements are in place on this particular application?
A Service Level Agreement with remote support, and a Technology Agreement on the SCADA software.
Q2.13 How is the after-sales support handled on this particular application?
This is provided via regular site visits and remote support by Schneider Electric.
Q2.14 Do you have a documented process in place to manage, test and install OS and scada system software patches? If so, please describe.
Updates and patches are first tested by the Schneider Electric in a simulated environment before being deployed to the production system.
Integration and management reporting
Q2.15 Is the scada system integrated onto an intranet or the Internet? If so, does the configuration allow simple remote monitoring by clients, or is it configured to allow full remote control by clients?
Yes. The system allows for remote SLA support across a VPN to the client. An overview project was also
2017 CO P Y R I G H T T E C H N E WS PU B L I S H I N G ( PT Y ) L T D – W WW . T E C H N E W S . C O . Z A A L L R I G H T S R E S E R V E D
3
created with the upgrade, to give managers a remote Overview session over the IT network.
Q2.16 Does the system include or interface with an expert system? If so, please describe.
No
Q2.17 Does the system include any form of augmented cognition (AC) or augmented reality (AR)? If so, please describe.
No
Q2.18 Is the system integrated with an MES / ERP or other management reporting or control system (e.g. Baan, SAP, SYSPRO…)? If so then what integration methodology was used? (e.g. .NET, XML, Web Services, etc.)
Yes. Client bespoke MES, the connection is done via SQL through Citect Historian
Q2.19 Has any GIS (Geographic Information Systems) functionality been configured in the application? If so, please describe its functionality and how it was achieved.
No
Q2.20 Has any asset management functionality been configured in the application (for software assets, control system assets or for plant assets)? If so, please describe its functionality and how it was achieved.
No
Q2.21 Do you run the scada in conjunction with any third-party application software (Other than expert system, AC, AR, MES, GIS or asset management system)? If so, please describe.
Yes, Bin material allocation. Third Party software is used to allocate Bin Material and Quantities to Specific bins. This information is sent to the SCADA system where operators can select specific material and routing.
Q2.22 Does the application include data archiving / historian capabilities with an historical data reporting system? Please elaborate.
Yes. The SCADA system connects to Schneider Electric Citect Historian via CTAPI protocol where data is captured into a Microsoft SQL database. SSRS Reports are generated for every Shift, Day, Month and Year and can be accessed on any workstation across the plant or via VPN. In conjuction an overview Dashboard of the Plant production was created which refreshes every 5 seconds. This is used only by Managers, when managers connect to a remote session on the Scada the Dashboard is the first view displayed.
Maintenance, reliability and asset optimisation
Q2.23 Have any operational or production benchmarking tools been configured as part of the scada system? If so, please describe.
Yes. Target and actual values are displayed on all batching KPAs (Key Performance Areas).
Q2.24 What maintenance, reliability, asset optimisation and/or continuous improvement criteria relating to this system and the plant monitored / controlled by this system, were included in the user requirements specification for this project?
[N/A]
Mobile device support
Q2.25 Are you currently using tablets, mobile phones or other smart mobile devices to interact with the scada system? If so, for what purposes?
No
Q2.26 Do you allow users to interface with the scada system via their own personal smart devices? (BYOD)
No
Conclusion
Q2.27 What was the predominant feature (or features) that made you decide to purchase this scada
2017 CO P Y R I G H T T E C H N E WS PU B L I S H I N G ( PT Y ) L T D – W WW . T E C H N E W S . C O . Z A A L L R I G H T S R E S E R V E D
4
product over all others for this application?
Uniform look and feel. Alarm handeling.
Q2.28 What was the most significant change that you implemented in SCADA engineering practice / technology in this project? If the answer is other than None, what motivated you to implement that change?
Employed one standard page template throughout the plant to improve development and give a uniform look and feel.
Q2.29 What single operational feature most impresses you about the product now that it is in operation? Please elaborate.
The new and improved Alarming Engine. Architectural changes relating to alarm request processing delivers greatly improved Active Alarm, Sequence of Events (SOE), Summary & Count display time; even over latent networks. The Alarm Summary provides a long-term archive and automatic refresh of Summary Pages and Full 64-bit Alarm Server meets scalability demand. Alarm server synchronization following network disturbances is improved.
Q2.30 What impresses you most about the architecture? Please elaborate.
The small hardware server footprint for the scada application, where a single server is used for alarming, logging, trending, and scanning to PLCs, thus reducing overall costs. (see diagram)
2017 CO P Y R I G H T T E C H N E WS PU B L I S H I N G ( PT Y ) L T D – W WW . T E C H N E W S . C O . Z A A L L R I G H T S R E S E R V E D
5
SECTION 3: SI questionnaire
Project details (i.e. these questions pertain to the specific subject application)
Q3.1 How many tags are configured? Digital = 49120
Integers = 21555
Real = 914
String = 75
Long = 751
Digital alarms = 35774
Total = 108189
Q3.2 How many updates per day are recorded in the archive / historian for this particular project?
6 436 800 (745 tags per 10 second)
Q3.3 How much disk space do one day’s updates for this particular project occupy?
84MB
Q3.4
**
How many I/O does the installation have? Analog, digital, other? And across how many front-end devices? Make & Model of front ends?
[I/O details]
[Front ends]PLC = Mitsubishi Q Series
Q3.5 Approximately how many man-hours did the scada configuration take?
[40Hours]
Q3.6 What tools were used to minimise the man-hours taken?
Standard Templates, Citect DBF add for Excel to do Bulk Editing
Q3.7 Do the operator interfaces on this project use multi-touch gestures?
No
Q3.8 What human factors were taken into consideration as principles or development standards in the HMI design process?
Menu Structures and layout has changed but kept the existing genie design aspects, with which the operators were familiar, were carried over from the previous scada and requirements for user input were reduced.
Q3.9 For the graphics development process did you use standard library images, or did you have to draw images from scratch?
Current Site Standard Library Images was used.
Q3.10 How would you describe the library of graphic images?
Comprehensive
Q3.11 Did you use any ‘special’ images? No
Q3.12 Did you use any video or multimedia technology in the application? If so, please describe.
[No]
Q3.13 What alarm management standards or best practices were adopted in configuring the scada system?
Schneider Electric South Africa CPS Standard
2017 CO P Y R I G H T T E C H N E WS PU B L I S H I N G ( PT Y ) L T D – W WW . T E C H N E W S . C O . Z A A L L R I G H T S R E S E R V E D
6
Q3.14 What structured processes were followed to determine expected performance under full load, and during abnormal failure conditions (such as network interruptions, node failures, power outages, controller failures, etc.)?
[A complete library of test sheets with a pre-determined set of acceptable limits exists within the Schneider
Electric Quality Management System. During commissioning, failures are simulated and results
documented against these pre-determined criteria. Exceptions are documented as non-conformances and
are actioned before final hand-over.]
Q3.15 What are the key physical communication layers and communication protocols employed in the system? Fibre, Ethernet, EtherCAT, wireless, Modbus, etc.
Ethernet over fibre and EtherCAT
Q3.16 What is the network speed and communications medium of the slowest link in this project’s scada network?
100MB over Ethernet
Q3.17 What is the network speed and communications medium of the fastest link in this project’s scada network?
100MB over Fibre
Q3.18 What levels of redundancy are incorporated in this scada application? (Client side, server side, DB server, communications server, web server, etc.)
Citect SCADA Hotstandby Servers
Q3.19 Was any specific custom code or scada scripting written for this project? If so, for what purpose?
None
Maintenance, reliability and asset optimisation
Q3.20 In engineering this project, what steps were taken to address maintenance, reliability, asset optimisation and/or continuous improvement aspects relating to this system and the plant monitored / controlled by this system?
[QMS Change management forms were maintained to document changes.]
Project management
Q3.21 What Project Management principles and/or methodologies did you as SI employ to mitigate risk, ensuring the project came out on time and within budget?
Schneider Electric’s Customer Project Process (CPP) was employed. This is an internally branded Project Lifecycle Management system. CPP methodologies provide guidance for the implementation of a customer project and strive to provide a superior customer experience.
Security and data protection
Q3.22 How have authentication, authorisation & role management been configured? Please elaborate.
Authentication has been implemented using a Windows Active Directory domain (users and groups). Each domain group has been associated with internal Citect groups. Within the Citect environment role-based security is implemented, where roles are associated with specific areas. A scada user is unable to view information outside his area without explicit permission.
Q3.23 Does the design make provision for a DMZ and firewall segregation of process (scada) network and business networks (LAN, WAN, GAN, Internet, etc.? If so, please briefly describe how this has been achieved.
The solution is logically separated through the use of VLANs. Further information is unavailable as the network is managed by the end-user.
Q3.24 What intrusion detection has been incorporated on the plant network(s) on which this scada system exists?
Intrusion detection is provided via McCafee
Q3.25 Is the security model employed based on a standard? If so, please state the standard used.
2017 CO P Y R I G H T T E C H N E WS PU B L I S H I N G ( PT Y ) L T D – W WW . T E C H N E W S . C O . Z A A L L R I G H T S R E S E R V E D
7
No
Q3.26 In what ways is this project’s hardware architecture optimised for:
1. Patch management and 2. Antivirus management?
1. Patch management is done by Schneider Electric. Every second week of the month a new patch is released. The Patch is Tested on the clients Project and hardware (Simulated environment), if performance or functionality improvements is evident, a date and time are arranged for implementation.
2. Antivirus management is managed through Site IT Personel.
To Implement any Patches and Antivirus changes the roll-out will first be done on all A-machines. A-Machines consist of the Primary Server and 1 operator station in each control room. The rest of the plant will be running from B-Machines: The HotStandby Server and the 2nd operator station in Control rooms. When test and roll-outs is done, it will be duplicated on the B-Machines.
Q3.27 What configuration back-up and data archive backup methodologies have been adopted?
Configuration and data backups are performed weekly, monthly and on change.
Q3.28 Did you use any integrated or 3rd party configuration control system for the scada configuration during the engineering of this application? If so, please describe.
No
Conclusion
Q3.29 How would you rate the ease of use of the historical reporting system?
Easy
Q3.30 What impresses you the most about the engineering / configuration aspects of the product now that it is in operation? Please elaborate.
The ease of use to do changes. The Navigation is much quicker for site personel on the SCADA. Information given from the new improved Alarm Server.
Q3.31 What impresses you most about the architecture? Please elaborate.
The small hardware server footprint for the scada application, where a single server is used for alarming, logging, trending, and scanning to PLCs, thus reducing overall costs.
2017 CO P Y R I G H T T E C H N E WS PU B L I S H I N G ( PT Y ) L T D – W WW . T E C H N E W S . C O . Z A A L L R I G H T S R E S E R V E D
8
SECTION 4: Vendor questionnaire
Product details
(NB the difference between the Product related column, which is in respect of (iro) the product in general and the Subject project related column, which is iro of the project covered by this scada review)
Product related Subject project
related
Product
Q4.1 Product version / Module versions [Citect SCADA 2016]
Latest [Citect SCADA
2015] On site
Q4.2
Vendor comments on product / modules
Schneider Electric is committed to releasing one release per annum; within a given 12 month period we continue to enhance product quality with service packs and add-on packages such as +PowerConnect and +Facilities. The Citect SCADA product is core to Schneider Electric’s automation architecture and is continually enhanced to support integration of Schneider Electric products such as the Webgate ActiveX for Magelis HMI integration and the Pelco ActiveX for Pelco CCTV integration.
Operating systems / VMWare
Product – supported / available Subject project -
used
Q4.3 Operating systems – client side run-time?
[Windows 10, Windows 8 and 8.1, Windows 7]
Windows 7
Q4.4 Operating systems – client side configuration?
[Windows 10, Windows 8 and 8.1, Windows 7]
Windows 7
Q4.5 Operating systems – server side? Windows Server 2016,Windows Server
2012R2,Windows Server 2008R2 Windows Server
2008R2
Q4.6 Browser based?
The CitectSCADA Web Client allows users to view a live CitectSCADA project within a Web browser. It provides easy access to
CitectSCADA Runtime for LAN-connected users requiring read/write access to
current production information.New feature that can be bought separately for Mobile devices are Citect Anywhere which uses
HTML 5 architecture.
None
Q4.7 Front end device communications protocols
OFSOPC, PSDIRECT,MELSEC,MODNET,ABCLX
https://www.citect.schneider-electric.com/scada/citectscada/downloads-
updates/driverweb
[MELSEC]
Q4.8
Does the scada system rely on Java plug-ins to exploit the full functionality of its core and additional modules?
[No] [No]
Q4.9
Vendor comments (e.g. Java based, Microsoft CLR, Mobile OS support, etc.)
[Schneider Electric continues to support the latest Microsoft 32-bit and 64-bit operating systems and
strives to make systems accessible from any client too regardless of operating system by utilizing HTML5.]
Licensing, maintenance & support model
Q4.10 What sort of licensing agreement options are offered? Does one licence cover all modules, or can
2017 CO P Y R I G H T T E C H N E WS PU B L I S H I N G ( PT Y ) L T D – W WW . T E C H N E W S . C O . Z A A L L R I G H T S R E S E R V E D
9
the purchaser buy only those modules that he requires?
There are 3 types of licences: Full Server, Client read-only and Client read-write. There is no differentiation between modules and a single full license enables all functionality. A full license also acts as a client on the server hardware and the system can be operated from this server. Additional clients provide users access to all system features from additional hardware connected to the system via an Ethernet network.
Q4.11
**
Are licences sold outright or subject to periodic (e.g. annual) renewal?
Licences are once-off purchases.
Q4.12
**
What upgrade agreements are offered? Are patches and version upgrades free, covered under annual maintenance or managed in some other way (describe)?
Patches, hot-fixes and service packs are available to end-users with valid maintenance agreements. Version upgrades are available to those end-users with valid maintenance agreements.
Q4.13
*
**
What after-sales offerings iro support and maintenance are available, and which technologies are used to deliver them?
Support is covered under a paid annual support agreement and includes “virtual engineer” (desktop remoting), telephonic support, e-mail support, online self-help tools, automatic driver updates, product upgrades, on-site engineering under a service level agreement, security advisory services, user forum (LinkedIn group) and online knowledge base repository
Q4.14 Do you have a documented process in place to manage and test OS patches and to release scada system software patches? If so, please describe.
We have a standard procedure based on hierarchies of workstations and criticality of patches that determines the order and speed with which we deploy patches
Technology incorporated
Product related Subject project
related
Q4.15
Product uses Web Services? [No] [No]
If the subject application uses Web Services, please describe what this technology is used for.
[Enter your response here]
Q4.16
Cloud computing supported? [No]
[No]
If the subject application uses cloud computing, please describe how this technology is implemented on the subject project.
[Enter your response here]
Q4.17
Virtualisation models supported? [Citect is tested and supported to run in a
VMWare virtualised environment] [No]
If the subject application uses virtualisation, please describe how this technology is implemented on the subject project.
[Enter your response here]
Q4.18
Do the operator interfaces (supported hardware + OS + scada software) support multi-touch gestures?
[Yes]
[No]
Q4.19 What changes have been introduced into the product in the last 12 months?
2017 CO P Y R I G H T T E C H N E WS PU B L I S H I N G ( PT Y ) L T D – W WW . T E C H N E W S . C O . Z A A L L R I G H T S R E S E R V E D
10
[Some of the new features and functionality of Citect SCADA 2016 include:
• Citect Studio - an intuitive and powerful new integrated development environment
• Topology view - a graphical view of servers by machine & cluster
• Centralized deployment – management of project configuration for all nodes from a central location
• Calculated Variables – configuration of tags using Cicode functions as expressions
• Alarm Properties for Equipment – creation of genies & super-genies with Equipment.Item support for Alarm properties
• Specialty drivers - BACnet & KNX enhancements, new S7TCP driver supporting the latest Siemens S7-1500 PLCs
Integration and management reporting
Q4.20 What generic and/or product specific interfaces does the product have iro well-known MES packages? Please elaborate including comment on relevant certifications.
An OLE-DB compliant interface is available as well as the Citect API for integration into higher level business systems; however, no certified interfaces are available for the above mentioned.
OPC A&E, OPC-DA Servers are available as per the OPC Foundation certification and are included in the version release as well .Net Framework is integrated into the cicode programming function.
Q4.21 What native (application or OS) historical data reporting options are available? Please elaborate.
[Citect Trend Server is a standard archiving component within Citect SCADA that will enable an end user to access histocial data through a native client tool called Process Analyst. Citect Historian. The SCADA system connects to Schneider Electric Citetc Historian via CTAPI protocol where data is captured into Microsoft SQL. SSRS Reports are generated. In addition, Dream Reports are integrated into the CitectHistorian. Separate licensing is required to use Dream Reports.
Maintenance, reliability and asset optimisation
Q4.22
**
What maintenance, reliability, asset optimisation and/or continuous improvement related modules or capabilities does the product incorporate relating to the IT and/or control system of which this product forms a part and/or the plant monitored / controlled by such system?
PLC configuration and programming
Q4.23 What capabilities, if any, does the scada offer in terms of generation and/or management of either PLC configuration files or PLC application code? Please elaborate
[Citect enables the synchronisation and automatic creation of variable tags using a Unity application project file (.STU), CSV file or OPC Server. It does not generate PLC configuration or PLC application files. It maintains a common set of variables between Citect and Unity, i.e. when tags are added to a Unity Linked device from Citect, the Unity STU file is updated and when variables are added from the Unity environment and saved to the STU, Citect will import the updated variable list.]
2017 CO P Y R I G H T T E C H N E WS PU B L I S H I N G ( PT Y ) L T D – W WW . T E C H N E W S . C O . Z A A L L R I G H T S R E S E R V E D
11
Security and data protection
Q4.24 If the scada system generates application files that are transferred to the PLC, how are PLC virus attacks prevented in this process? Please elaborate
[N/A]
Q4.25 What authentication, authorisation & role management models are available for the runtime environment? Please elaborate
[The following should be considered: Areas, Privileges, Roles and Users. Security may be incorporated in
the application or through Windows’ integrated authentication which will determine where users are
created.
Areas - An area is a section of the plant. It can be defined geographically or logically.
Privileges - Level of access applied to system elements within the project. A user is assigned a role that
possesses particular privileges.
Roles - A defined set of permissions (privileges and areas) that are assigned to users.
Users - A person or group of persons that need access to the runtime system.]
Unique selling proposition (USP)
2017 CO P Y R I G H T T E C H N E WS PU B L I S H I N G ( PT Y ) L T D – W WW . T E C H N E W S . C O . Z A A L L R I G H T S R E S E R V E D
12
Q4.26
List the top five feature/benefit pairs that contribute to this product’s USP
Feature
1.Integrated Process Analyst Tool
2. Scalability
3. Reliability
4. Open Architecture
5. Automation tools’ integration
Benefit
1. Productivity is increased via analysis of processes used to improve plant and production efficiencies
2. Allows the system architecture to grow with project requirements, while preserving initial project investment
3. Citect’s redundancy will tolerate failure anywhere in the system, with no loss of functionality or performance
4. A collection of over 150 protocol drivers and Citect’s open connectivity from various information systems allows seamless data flow
5. The integration of Schneider Electric tools such as the Pelco ActiveX, Webgate ActiveX, Magelis Diag Buffer and Speedlink reduces engineering time and ensures all components are able to communicate seamlessly. These tools are included within the standard software bundle at no additional cost and are maintained and upgraded as and when new hardware is released, ensuring that support for these interfaces is retained
END