Exporting Digitally Signed Xml Files - Siemens SIMATIC PCS 7 Operating Manual

Plant automation accelerator 3.0
Export from PAA to PCS 7

17.3 Exporting digitally signed XML files:

Note
Security when performing data exchange via XML format
● Access to the transfer medium/transfer directory:
When using the indirect data exchange via XML format between PAA and PCS 7, ensure
that the transfer medium or the transfer directory of the XML files is only accessible to
authorized persons.
● Digitally signed XML files:
To describe the origin and integrity of the XML data, you can sign the XML file digitally during
the data exchange in XML format. This corresponds to the requirements of the PCS 7
security concept.
By checking the digital signature, you ensure that the XML file on the transfer medium has
not been modified.
The digital signature on the XML file is deactivated by default. Activating the digital signature
is recommended.
See also chapter Overview of data exchange with PCS 7 (Page 15).
Requirement
To sign the XML file, the following objects must be available on the PC:
● The certificate of the user that is signing.
This certificate can be created by a commercial provider or via a "Windows Server
Certification Authority" and must be saved in the Windows "MMC" console under "Current
user > Certificates". The corresponding "CA" certificate must be saved in the "MMC"
console under "Trusted Root Certification Authorities".
For this certificate, in the properties of the "Key usage" attribute, at least one of the values
must be set, either "Digital signature" ("digitalSignature") or "non-repudiation"
("nonRepudiation").
● The Private Key for this certificate.
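One way to check these requirements on the signing PC, as an added PowerShell example that is not part of the Siemens manual. It assumes that "Current user > Certificates" refers to the Personal store (Cert:\CurrentUser\My) and it skips revocation checking; the RSA key check reflects the "Standards applied" paragraph.

```powershell
using namespace System.Security.Cryptography.X509Certificates

# Assumption: "Current user > Certificates" is the Personal store, Cert:\CurrentUser\My.
$required = [int][X509KeyUsageFlags]::DigitalSignature -bor [int][X509KeyUsageFlags]::NonRepudiation
$rsaOid   = '1.2.840.113549.1.1.1'   # rsaEncryption public key algorithm

Get-ChildItem -Path Cert:\CurrentUser\My | ForEach-Object {
    $cert = $_

    # "Key usage" must contain digitalSignature or nonRepudiation; a certificate
    # without the extension is reported as not meeting the requirement.
    $kuExt = $cert.Extensions | Where-Object { $_ -is [X509KeyUsageExtension] }
    $flags = if ($kuExt) { $kuExt.KeyUsages } else { [X509KeyUsageFlags]::None }
    $kuOk  = ([int]$flags -band $required) -ne 0

    # The chain must end in a certificate from "Trusted Root Certification Authorities".
    # Assumption: revocation is not checked, so the script also runs on a PC without
    # network access to CRL/OCSP endpoints. Remove the line to enforce it.
    $chain = [X509Chain]::new()
    $chain.ChainPolicy.RevocationMode = [X509RevocationMode]::NoCheck
    $trusted = $chain.Build($cert)
    $status  = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
    $isRsa   = $cert.PublicKey.Oid.Value -eq $rsaOid

    [pscustomobject]@{
        Subject               = $cert.Subject
        Thumbprint            = $cert.Thumbprint
        NotAfter              = $cert.NotAfter
        HasPrivateKey         = $cert.HasPrivateKey
        RsaKey                = $isRsa
        KeyUsage              = $flags
        KeyUsageOk            = $kuOk
        ChainTrusted          = $trusted
        ChainStatus           = $status
        UsableForXmlSignature = $cert.HasPrivateKey -and $isRsa -and $kuOk -and $trusted
    }
} | Format-List
```

A certificate that reports `UsableForXmlSignature : False` shows in the other fields which requirement it fails: missing private key, wrong key usage, non-RSA key, or an untrusted or expired chain.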
Procedure
To use the digital signature in the PCS 7 project, in the plugin "Import / Export PCS 7" in the
"Export" tab in the "Project selection" control group, activate the option "XML signature".
Standards applied
The RSA asymmetric signature procedure is used, according to standard "PKCS#1
(https://www.ietf.org/rfc/rfc3447.txt)". The attributes of the certificate are described in the certificate
definition under "Internet link (http://www.ietf.org/rfc/rfc5280.txt)".
166
Plant Automation Accelerator 3.0
Operating Manual, 04/2019, A5E46351208-AA
