Hms Ixxat sg-basic User manual

SG-basic

Extended Version

USER MANUAL

4.01.0401.20001 1.1 en-US ENGLISH

Important User Information

Disclaimer

The information in this document is for informational purposes only. Please inform HMS Networks of any

inaccuracies or omissions found in this document. HMS Networks disclaims any responsibility or liability for any

errors that may appear in this document.

HMS Networks reserves the right to modify its products in line with its policy of continuous product development.

The information in this document shall therefore not be construed as a commitment on the part of HMS Networks

and is subject to change without notice. HMS Networks makes no commitment to update or keep current the

information in this document.

The data, examples and illustrations found in this document are included for illustrative purposes and are only

intended to help improve understanding of the functionality and handling of the product. In view of the wide range

of possible applications of the product, and because of the many variables and requirements associated with any

particular implementation, HMS Networks cannot assume responsibility or liability for actual use based on the data,

examples or illustrations included in this document nor for any damages incurred during installation of the product.

Those responsible for the use of the product must acquire sufficient knowledge in order to ensure that the product

is used correctly in their specific application and that the application meets all performance and safety requirements

including any applicable laws, regulations, codes and standards. Further, HMS Networks will under no circumstances

assume liability or responsibility for any problems that may arise as a result from the use of undocumented features

or functional side effects found outside the documented scope of the product. The effects caused by any direct or

indirect use of such aspects of the product are undefined and may include e.g. compatibility issues and stability

issues.

SG-basic User Manual 4.01.0401.20001 1.1 en-US

Table of Contents Page

1 User Guide ........................................................................................................................... 3

1.1 Target Audience...............................................................................................................3

1.2 Related Documents ..........................................................................................................3

1.3 Document History ............................................................................................................3

1.4 Trademark Information.....................................................................................................3

1.5 Conventions....................................................................................................................4

2 Safety Instructions .............................................................................................................. 5

2.1 General Safety Instructions................................................................................................5

2.2 Data Security Features ......................................................................................................5

2.3 Intended Use...................................................................................................................7

3 Scope of Delivery ................................................................................................................ 7

4 Product Description ............................................................................................................ 9

5 Installation......................................................................................................................... 10

5.1 System Requirements ..................................................................................................... 10

5.2 Installing the Hardware................................................................................................... 11

5.3 Reset the Device ............................................................................................................ 13

6 Configuration..................................................................................................................... 14

6.1 Accessing the Device ...................................................................................................... 14

6.2 Accessing the Embedded WEB-PLC.................................................................................... 15

6.3 Activating HTTPS............................................................................................................ 15

6.4 Updating the Firmware ................................................................................................... 16

6.5 Changing Password and Access Rights ............................................................................... 19

6.6 Exporting and Importing a Configuration ............................................................................ 21

7 WEB-PLC Editor ................................................................................................................. 23

7.1 Creating an Application................................................................................................... 23

7.2 Debugging .................................................................................................................... 25

7.3 Mapping I/Os Directly..................................................................................................... 26

7.4 Configuring MQTT Messages............................................................................................ 26

8 Diagnostics and Logging.................................................................................................... 28

8.1 Event Log...................................................................................................................... 28

8.2 Diagnostics Console........................................................................................................ 29

8.3 Data Logging ................................................................................................................. 30

SG-basic User Manual 4.01.0401.20001 1.1 en-US

9 Operation........................................................................................................................... 31

9.1 Power LED .................................................................................................................... 31

9.2 HMS Hub LED A ............................................................................................................. 31

9.3 PLC LED B ..................................................................................................................... 31

10 Technical Data ................................................................................................................... 32

11 Support/Return Hardware................................................................................................ 33

11.1 Support........................................................................................................................ 33

11.2 Return Hardware ........................................................................................................... 33

12 Decommissioning and Disposal ........................................................................................ 33

A Regulatory Compliance ..................................................................................................... 35

A.1 EMC Compliance (CE) ..................................................................................................... 35

A.2 Disposal and recycling..................................................................................................... 35

A.3 ROHS and REACH ........................................................................................................... 35

B UL Ordinary Locations (OrdLoc) ....................................................................................... 36

C Open Source Software ...................................................................................................... 37

User Guide 3 (38)

1 User Guide

Please read the manual carefully. Make sure you fully understand the manual before using the

product.

1.1 Target Audience

This manual addresses trained personnel who are familiar with the applicable standards of the

application field. Exclusively trained staff authorized by the operator is allowed to install,

commission and maintain the device. The contents of the manual must be made available to any

person authorized to use or operate the product.

This guide provides information on hardware installation and the setup of the SG-basic as well as

the basic steps how to access the integrated web-based user interface, the so-called WEB-PLC.

All configurations done via the WEB-PLC are described in detail in the integrated WEB-PLC online

help, available via the web-interface.

1.2 Related Documents

Document Author

OpenVPN documentation http://openvpn.net OpenVPN

WEB-PLC — Online Help HMS

For additional related documentation like Startup Guides for various protocols, How-to videos,

and file downloads see support website at www.ixxat.com/sg-gw-download.

1.3 Document History

Version Date Description

1.0 April 2020 First release

1.1 May 2021 Correction pin allocation, added information about variants, divided into

installation guide and extended user manual, added data security features

1.4 Trademark Information

Ixxat®is a registered trademark of HMS Industrial Networks. All other trademarks mentioned in

this document are the property of their respective holders.

SG-basic User Manual 4.01.0401.20001 1.1 en-US

User Guide 4 (38)

1.5 Conventions

Instructions and results are structured as follows:

►instruction 1

►instruction 2

→ result 1

→ result 2

Lists are structured as follows:

• item 1

• item 2

Bold typeface indicates interactive parts such as connectors and switches on the hardware, or

menus and buttons in a graphical user interface.

This font is used to indicate program code and other

kinds of data input/output such as configuration scripts.

This is a cross-reference within this document: Conventions, p. 4

This is an external link (URL): www.hms-networks.com

Safety advice is structured as follows:

Cause of the hazard!

Consequences of not taking remediate action.

How to avoid the hazard.

Safety signs and signalwords are used dependent on the level of the hazard.

This is additional information which may facilitate installation and/or operation.

This instruction must be followed to avoid a risk of reduced functionality and/or damage

to the equipment, or to avoid a network security risk.

Caution

This instruction must be followed to avoid a risk of personal injury.

WARNING

This instruction must be followed to avoid a risk of death or serious injury.

SG-basic User Manual 4.01.0401.20001 1.1 en-US

Safety Instructions 5 (38)

2 Safety Instructions

Caution

The device may only be put into service and operated by qualified personnel. To ensure

the safe operation of the device, prevent access to the device by unauthorized persons.

If device is connected directly to the internet (without router), the firewall must be

enabled.

2.1 General Safety Instructions

►Protect product from moisture and humidity.

►Protect product from too high or too low temperature (see Technical Data, p. 32).

►Protect product from fire.

►Do not paint the product.

►Do not modify or disassemble the product. Service must be carried out by HMS Industrial

Networks.

►Store products in dry and dust-free place.

2.2 Data Security Features

The SG-basic supports various security features. HMS recommends to activate and use this

security features as described in the following chapters.

2.2.1 OpenVPN

HMS recommends using encoding via OpenVPN, if supported by all participants, to

increase the internet safety.

The firmware includes an OpenVPN client, that can be used to integrate the SG-basic into a

virtual private network. For more information about OpenVPN and possible settings see the

WEB-PLC Online Help Settings – Settings – Network – OpenVPN. Additionally a How-to video

and a Startup Guide for OpenVPN are available on www.ixxat.com/sg-gw-download.

2.2.2 WEB-PLC Security

HTTPS

To increase the internet security, HMS recommends activating HTTPS to access the WEB-

PLC.

If the WEB-PLC is accessed with activated HTTPS the integrity and confidentiality of the session

and the login data are ensured. For information about activating HTTPS see Activating HTTPS, p.

15.

SG-basic User Manual 4.01.0401.20001 1.1 en-US

Safety Instructions 6 (38)

Terminating a Session

On a static web page the session is terminated (log out) after 10 minutes of inactivity or when

the browser is closed. On a dynamic web page there is no automatic log out as long as the

browser is active. Make sure to log out manually or to close the browser to log out if WEB-PLC

programming page or event log is opened.

2.2.3 Password Protected Configuration

HMS recommends exporting configuration files password protected. For security reasons

exclude user credentials and access rights from the export.

The configuration file can optionally be secured with a password. If a configuration file is secured

with a password, the configuration can only be imported after entering the password. For more

information about the export and import of configurations see Exporting and Importing a

Configuration, p. 21.

2.2.4 Restrictive Access Rights

HMS recommends configuring access rights for each user as restrictive as possible.

It is possible to configure for each user different access rights for the different device functions.

Make sure, that each user only has the access rights that are required to perform the tasks of

their role to minimize security risks (principle of least privilege). For more information about the

configuration of user accounts and access rights see Changing Password and Access Rights, p. 19.

2.2.5 Password Policy

HMS recommends configuring the password policy according to the international

password guideline NIST Special Publication 800-63.

The password must be changed after the first login.

It is possible to define requirements for passwords that apply for all created users. To ensure

that adequately strong passwords are used, the configuration of the password guideline should

be based on the international password guideline NIST Special Publication 800-63. For more

information about configuring user accounts and access rights see Changing Password and

Access Rights, p. 19.

2.2.6 Firewall

If device is connected directly to the internet (without router), the firewall must be

enabled.

HMS recommends using the device only in the local network and behind a firewall.

SG-basic User Manual 4.01.0401.20001 1.1 en-US

Scope of Delivery 7 (38)

For security reasons block communications ports that are not used.

The firewall improves the security of the device by analyzing network traffic and blocking

unallowed traffic. The firewall has a blocking policy: outgoing connections are allowed while

incoming connections are blocked except if a rule allows this specific connection.

Dynamic rules are created by the firewall for outgoing connections. Static rules allow access to a

specific service on the device from the network. For more information about configuring the

firewall see WEB PLC Online Help – Settings – Settings – Network - Firewall.

2.2.7 Firmware Updates

HMS recommends to install always the latest firmware version to maintain device security.

The firmware is constantly improved and expanded. Firmware updates are encrypted and

digitally signed by HMS to ensure the authenticity of the firmware version. For more information

about updating the firmware see Updating the Firmware, p. 16.

2.2.8 Event Log

The event log is cleared when the device is restarted and new events may overwrite older

events once the ring buffer is completely filled. The events that are stored in the event

log can be downloaded as csv file.

The event log is available in the WEB-PLC and includes security events like failed login attempts

with timestamp, message and event type. For more information see Diagnostics and Logging, p.

28.

2.2.9 Disposal

Make sure, that all sensitive data is removed from the device before decommissioning.

Follow the guidelines for secure, safe, and sustainable disposal of devices after use (see

Decommissioning and Disposal, p. 33).

2.3 Intended Use

The SG-basic is used to connect Modbus devices and energy communication systems with each

other and to SCADA systems or to cloud systems. The device is intended for installation on

standard DIN rail inside industrial cabinets or on DIN rail distribution boards inside building

automation boards.

3 Scope of Delivery

Included in the scope of delivery:

• SG-basic device

SG-basic User Manual 4.01.0401.20001 1.1 en-US

Scope of Delivery 8 (38)

• Quick Start Guide

• Micro SD card

• 1 x power connector 3-pin

• 1 x serial interface RS485

SG-basic User Manual 4.01.0401.20001 1.1 en-US

Table of contents

Popular Power Distribution Unit manuals by other brands

Lightcorp

Lightcorp Nik installation instructions

hager

hager SP 015 User instructions

Pakedge

Pakedge PowerPak 9 user guide

Pts

Pts 9042 Series installation guide

Shure

Shure WA405 user guide

CORNING

CORNING CCH 4U quick start guide

Panamax

Panamax M4LT-EX datasheet

PANCONNECT

PANCONNECT FLAT 3M Assembly instruction

Raytheon

Raytheon 138-118 manual

StarTech.com

StarTech.com RKPW161915 Spec sheet

D&R ELECTRONICS

D&R ELECTRONICS PDU-6SS user manual

Botex

Botex PSA 322-6 DL quick start guide

GE QuiXtra 4000 Assembly and mounting instructions

Vertiv

Vertiv Knürr DI-Strip Rack PDU manual

ABB

ABB PSBS0065 Instruction handbook

Baumuller

Baumuller BFN 3-1-0007-001 Instruction handbook

Eaton

Eaton StructuredWiringSolutions ESWT41600 Instruction leaflet

GE GEK-45404F instructions

HMS IXXAT SG-basic User manual

Popular Power Distribution Unit manuals by other brands