ABB ARM600 User Manual
  1. Manuals
  2. Brands
  3. ABB Manuals
  4. Gateway
  5. ARM600
  6. User manual

ABB ARM600 User Manual

M2m gateway
Hide thumbs Also See for ARM600:
Table of Contents

Advertisement

Quick Links

Download this manual
M2M Gateway
ARM600
User Manual

Advertisement

Table of Contents
loading

Related Manuals for ABB ARM600

Summary of Contents for ABB ARM600

  • Page 1 M2M Gateway ARM600 User Manual...
  • Page 3 Document ID: 1MRS758861 Issued: 2017-09-29 Revision: A Product version: 4.3 © Copyright 2017 ABB. All rights reserved...
  • Page 4 Copyright This document and parts thereof must not be reproduced or copied without written permission from ABB, and the contents thereof must not be imparted to a third party, nor used for any unauthorized purpose. The software or hardware described in this document is furnished under a license and may be used, copied, or disclosed only in accordance with the terms of such license.
  • Page 5 In case any errors are detected, the reader is kindly requested to notify the manufacturer. Other than under explicit contractual commitments, in no event shall ABB be responsible or liable for any loss or damage resulting from the use of this manual or the application of the equipment.
  • Page 6 (EMC Directive 2004/108/EC) and concerning electrical equipment for use within specified voltage limits (Low-voltage directive 2006/95/EC). This conformity is the result of tests conducted by ABB in accordance with the product standard EN 60255-26 for the EMC directive, and with the product standards EN 60255-1 and EN 60255-27 for the low voltage directive.

  • Page 7: End User License Agreement

    End user license agreement This End User License Agreement is a legal agreement between you and ABB for the Product identified below. BY INSTALLING, COPYING, OR OTHERWISE USING THE PRODUCT YOU AGREE TO BE BOUND BY THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE, YOU ARE NOT ENTITLED TO INSTALL OR USE THE PRODUCT.
  • Page 8 ABB. For the purposes of this agreement the term ”nuclear facilities” shall mean any nuclear...
  • Page 9 5.4 Third party software You acknowledge that the Product contains certain proprietary software licensed to ABB by third parties. You agree to such third party software license agreements provided by the said third parties. Such third parties may enforce this Agreement and their own license terms directly against You to the extent of such third party’s interest...

  • Page 10: Intellectual Property Rights

    (i) you promptly notify ABB in writing of the claim; (ii) ABB shall have the sole control of the defense and all related settlement negotiations; and (iii) you provide ABB with the assistance, information and authority necessary for ABB to perform its obligations under this section.
  • Page 11 14. Warranty Provided that you have a valid license to use the Product, ABB warrants that a) for a period of 90 days from the date of shipment of your license (the “Warranty Period”) that it will perform substantially in accordance with the written materials that accompany the Product;...
  • Page 12 Product, even if ABB or any of its suppliers has been advised of the possibility of such damages. In any case ABB’s entire liability under any provision of this Agreement shall be limited to the...

  • Page 13: Safety Information

    Safety information Dangerous voltages can occur on the connectors, even though the auxiliary voltage has been disconnected. Non-observance can result in death, personal injury or substantial property damage. National and local electrical safety regulations must always be followed. This product is not fault-tolerant and is not designed, manufactured or intended for use or resale as on-line control equipment or as part of such equipment in any hazardous environment requiring fail-safe performance, such as in the operation of nuclear facilities, aircraft...

  • Page 15: Table Of Contents

    Intended audience................3 Product documentation...............3 Product documentation set............3 Document revision history............. 3 Related documentation..............4 Symbols and conventions..............4 Symbols..................4 Document conventions..............5 Section 2 ARM600 overview............7 Overview.....................7 Key features..................8 Physical interfaces................9 Standard edition................9 Front panel................9 Back panel................10 Health indicators..............10 Enterprise edition.................11...
  • Page 16 RIO600 device management ............40 Updating RIO600 configuration..........41 Updating RIO600 firmware.............43 Exporting RIO600 configurations from PCM600....44 Section 8 Troubleshooting..............49 Common problems and solutions............. 49 Questions and answers..............50 Section 9 Technical data..............51 Section 10 Glossary................. 55 ARM600 User Manual...

  • Page 17: Section 1 Introduction

    The personnel involved in installing and managing the Arctic devices are expected to be experienced in secure network practices. Product documentation 1.3.1 Product documentation set Product series- and product-specific manuals can be downloaded from the ABB Web site http://www.abb.com/substationautomation. 1.3.2 Document revision history Document revision/date...

  • Page 18: Related Documentation

    3G/LTE configuration guide Technical Configuring Wireless Gateways, 1MRS758449 Note Controllers and M2M Gateway Product series- and product-specific manuals can be downloaded from the ABB Web site http://www.abb.com/substationautomation. Symbols and conventions 1.4.1 Symbols The electrical warning icon indicates the presence of a hazard which could result in electrical shock.

  • Page 19: Document Conventions

    Select Main menu/Settings. • Parameter names are shown in italics. The function can be enabled and disabled with the Operation setting. • Parameter values are indicated with quotation marks. The corresponding parameter values are "On" and "Off". ARM600 User Manual...

  • Page 21: Section 2 Arm600 Overview

    ARM600 overview Overview M2M Gateway ARM600 is a member of ABB’s Arctic product family. ARM600 is a communication server, a VPN concentrator and firewall and is typically placed in the same location as the central control and monitoring system, such as SCADA.

  • Page 22: Key Features

    Supports OpenVPN, L2TP and SSH-VPN tunnels • OpenVPN bridging • Connection to ARM600 with a PC from any location via VPN • Firewall to restrict unauthorized access • Provides static IP addressing of Arctic 600 series wireless gateways for SCADA •...

  • Page 23: Physical Interfaces

    Section 2 1MRS758861 A ARM600 overview Physical interfaces 2.3.1 Standard edition 2.3.1.1 Front panel GUID-257E5F22-2ADB-47CA-A85F-4ABB94710FE9 V1 EN Figure 2: Front panel 1 Power on indicator, power button 2 Video (VGA) connector 3 LCD menu buttons 4 LCD panel 5 Two USB 2.0 connectors...

  • Page 24: Back Panel

    Section 2 1MRS758861 A ARM600 overview 2.3.1.2 Back panel GUID-782AFB7E-203E-4C87-A70F-DED52B49E55A V1 EN Figure 3: Back panel 1 Two USB 3.0 connectors 2 Power supply unit (PSU) 3 Video (VGA) connector 4 Ethernet connector for WAN #1 (Gb1) 5 Ethernet connector for LAN #2 (Gb2) 2.3.1.3...

  • Page 25: Enterprise Edition

    Section 2 1MRS758861 A ARM600 overview 2.3.2 Enterprise edition 2.3.2.1 Front panel GUID-4673F94B-E625-408D-B504-8BDC8D9E6D50 V1 EN Figure 4: Front panel 1 Two USB connectors 2 Optical drive 3 Service tag (EST) 4 LCD panel 5 Hard drive 1 6 Hard drive 2...

  • Page 26: Back Panel

    Section 2 1MRS758861 A ARM600 overview 2.3.2.2 Back panel GUID-D6042498-542B-424D-A76D-C4B0ECB612B5 V1 EN Figure 5: Back panel 1 Ethernet connector for LAN #1 (eth0) 2 iDRAC 3 Power supply health/activity indicators 4 Video (VGA) connector 5 Ethernet connector for WAN #2 (eth1)

  • Page 27: Deployment Scenarios

    Arctic 600 series wireless gateways and ARM600 is initiated by the wireless gateways. If a private APN is used, ARM600 does not need a public IP address. Instead, a private static IP address can be used. The cellular operator’s access router provides routing between IP addresses of the SIM cards and M2M gateway.
  • Page 28 DMZ installation ARM600 behind the company’s firewall There is no DMZ in this setup as ARM600 is directly connected to the company’s LAN. As in the DMZ scenario, ARM600 has a private IP address and the border router/firewall forwards packets from a public, static IP address to ARM600.

  • Page 29: Section 3 Cyber Security

    Keep passwords stored in a safe place, for example, Encrypted password management tool. • Check that all unused services are disabled. • If possible, allow IP connections only via VPN. • Disable all unused services, for example, Dial-in, SMSconfig, serial and SNMP. • Back up the configuration. ARM600 User Manual...

  • Page 31: Section 4 Getting Started

    Connecting cables Verify that the available AC operating voltage complies with the hardware specifications. Insert the AC power cord to ARM600 and connect the other end to the AC socket or rack’s power rail. Insert the Ethernet cables. ARM600...

  • Page 32: Logging In

    Logging in Configure the computer to use the same IP address space as the device. Example: Laptop IP is 10.10.10.11 with netmask 255.255.255.0. In a Web browser, connect to the ARM600 WHMI on port 10000 using the HTTPS protocol. •...

  • Page 33: Section 5 Web Hmi

    • System • Network • • Firewall • Arctic Patrol • Tools GUID-45F85539-9F74-4477-BA08-6A4E57D384C5 V1 EN Figure 10: Menu structure System menu The system menu contains the system overview and time settings. ARM600 User Manual...

  • Page 34: Network Menu

    • Using NTP server for acquiring and keeping the correct time ARM600 can work as a time server for providing time to the LAN or VPN connected devices. By default the time setting is configured as NTP client using the NTP pool servers.

  • Page 35: Vpn Menu

    In most cases, the recommended operation mode is Layer 3 VPN. Firewall menu ARM600 has a built-in stateful firewall. In addition to the firewall settings, the firewall menu contains D-NAT and S-NAT settings that control pre- and post-routing packet forwarding (network address translation).

  • Page 36: Arctic Patrol Menu

    Arctic 600 series wireless gateway configurations and alarms from any faults in the availability of the Arctic 600 series wireless gateways. The Arctic Patrol interface can be accessed via ARM600. It offers information about the entire communication system status at a glance.
  • Page 37 The devices need to be selected from the "Devices" submenu before a batch run can be done. Details Shows device-specific details that are useful for troubleshooting. The device’s configuration can also be viewed. Table continues on next page ARM600 User Manual...

  • Page 38: Tools Menu

    Used to create and restore backups and upload/download them from/into a PC. ARM600 contains a factory backup that can be used for reverting to the factory configuration. However, the IP addresses of network interfaces are not reverted to factory defaults.
  • Page 39 1MRS758861 A Web HMI Menu Description Support Log Used to download the system log and ARM600 configuration collection to a PC. The support log is used for troubleshooting purposes. Release Notes Contains the release notes for the currently running ARM600 firmware version.

  • Page 41: Section 6 Network Configuration

    Click Edit interface eth1 and configure the eth1 parameters. It is recommended to configure the eth1 interface (LAN) first, as the PC is now connected to ARM600 via the eth0 interface (WAN). Change the IP address and netmask according to the required setup.

  • Page 42: Network Configuration

    1MRS758861 A Network configuration As the public IP address of ARM600 is case dependent, it is not possible to define an example. If ARM600 is located in DMZ, the eth0 IP address can be a private IP address. In that case the specific ports are forwarded to ARM600 by border router.

  • Page 43: Ethernet Interface Setup Parameters

    At this point, there is usually no need for adding static routes. If the SCADA or other control entity is in a different subnet than the ARM600 LAN, define a static route to that subnet. Do not define static routes over dynamic VPN tunnels.

  • Page 45: Section 7 Arctic Patrol

    The available actions shown in Arctic Patrol depend on the features and devices that the Arctic wireless devices have reported. The Arctic wireless devices’ local network is scanned for supported ABB products only, if the feature has been enabled in the Arctic wireless device.
  • Page 46 Click No to confirm that there is no existing SSH public key. Define the device information and click Register device. • Arctic device’s serial number • ARM600’s IP address (usually public) • Connection mode • Connection interval GUID-55D1DC35-DABB-4706-A409-0A0439A3A232 V1 EN...
  • Page 47 GUID-25FBF1ED-6C4E-4A9B-8F71-E0FB08FC07BA V1 EN Figure 13: Configuration content Log in to the Arctic device as the arctic-adm user. Click Arctic Patrol and select Import New. Paste the configuration content to the Patrol configuration file box and click Submit. ARM600 User Manual...
  • Page 48 Figure 15: Editing configuration Reboot the Arctic device. 10. Log in to ARM600's WHMI, click Arctic Patrol and select Devices. 11. Select the check box of the new Arctic device, select Accept devices from the drop-down list and click Do action.

  • Page 49: Allowing Arctic Devices To Scan Local Networks

    Accepting devices 12. Click OK in the verification dialog. When the Arctic device is rebooted and accepted in the ARM600’s Patrol, the device details and configuration file are transferred to ARM600. The device details are shown in the ARM600’s Patrol view.

  • Page 50: Asset Management

    Arctic wireless devices. Additionally, RIO600 update actions can also be performed from a remote Arctic wireless device through the ARM600’s WHMI. The asset management functionality is developed on top of the Arctic Patrol application, which is a centralized management system running in ARM600 (server) and Arctic wireless devices (clients).

  • Page 51: Selecting Devices For Device Management

    7.3.1 Selecting devices for device management To manage devices through the ARM600's Arctic Patrol application, they have to be first selected from the Patrol device list. When the Arctic device has been set to scan local networks, the detected devices are visible in the Arctic Patrol application’s device list.

  • Page 52: Arctic Device Management

    Updating Arctic device firmware The asset management functionality enables a batch update possibility. First the firmware file is uploaded to ARM600 via the WHMI and then ARM600 performs the batch update as a background process. This requires Arctic devices with firmware version 3.3.1 or later.

  • Page 53: Rebooting Arctic Devices

    On the left pane under the Arctic Patrol menu, select Management. In the management actions list, verify that the correct devices are selected and select system reboot under API commands. Click Run this action for all selected devices to reboot the devices. ARM600 User Manual...

  • Page 54: Rio600 Device Management

    If enabled in the Arctic wireless devices’ configurations, the Arctic wireless devices scan their local networks for RIO600 devices and report them to the ARM600’s Patrol view. The RIO600 devices are separately listed under each Arctic device the way they were found on the network.

  • Page 55: Updating Rio600 Configuration

    7.3.3.1 Updating RIO600 configuration With the M2M Gateway ARM600 Patrol application it is possible to write new configurations in batch to many RIO600 devices connected to one or many Arctic devices. The RIO600 configurations to be written to RIO600 devices has to first be exported from PCM600.
  • Page 56 GUID-16B24A84-9CD1-4CB4-84E2-482889D4688D V1 EN Figure 26: Selecting RIO600 configuration package ARM600 asset management tries to automatically associate uploaded configurations to the found devices. However, if this is not possible, create the association manually. 8.1. Select a configuration from the left side under Configurations.

  • Page 57: Updating Rio600 Firmware

    7.3.3.2 Updating RIO600 firmware The ARM600 Patrol application enables the writing of firmware as a batch to several RIO600 devices connected to one or several Arctic devices. However, all RIO600 modules and firmware versions cannot be updated. The firmware packages supported by the Patrol application contain one or many firmware files for the RIO600 modules and are distributed in zip files, for example, RIO600V1.7.3_FIRMWARE.zip...

  • Page 58: Exporting Rio600 Configurations From Pcm600

    This requires that the RIO600 connectivity package is installed in PCM600. Every RIO600 device must have their own unique configuration within a PCM600 project. See the PCM600 documentation for information on how to install and work with connectivity packages. ARM600 User Manual...
  • Page 59 Write to IED command is executed, the configuration is exported to a zip file instead of being directly written to a RIO600 device. The exported zip file can be uploaded into ARM600’s Patrol WHMI for transfer as a batch to the RIO600 devices connected to the Arctic devices.
  • Page 60 GUID-EA1CFE80-171E-49B3-872C-3198F849647B V1 EN Figure 31: Selecting Export Configuration in Write to IED In the ExportConfigurationWindow dialog, select each of the RIO600 devices from which the configuration should be exported, click Browse to set the Export Path and click OK. ARM600 User Manual...
  • Page 61 <project name>.zip is instead generated to the selected export path. The file <project name>.zip that was exported to the chosen export path is now ready to be uploaded to ARM600's WHMI. RIO600 export for ARM600 is available in ABB IED Connectivity Package for RIO600 Ver.1.7.2 or later. ARM600...

  • Page 63: Section 8 Troubleshooting

    Check that the border firewall does not block the traffic and that there is a port forwarding to ARM600, if the public IP is associated to the border router. At least the VPN port must be open (UDP 1194 for first OpenVPN server instance).

  • Page 64: Questions And Answers

    When using standard “off the shelf” public cellular network SIM cards in the Arctic field ARM600? devices, they are routed over the Internet. ARM600 is a server equipment and it requires a public, static IP address when public networks are used. The public IP address may be associated to the company’s border router and VPN packets can be port forwarded to...

  • Page 65: Section 9 Technical Data

    Operating voltage Temperature Continuous operation 10...35°C (50...95°F) with no direct sunlight on the (for altitude less than equipment 950 m or 3117 ft) Storage 20°C/h (36°F/h) Maximum temperature 20°C/h (36°F/h) (gradient and operating) Table continues on next page ARM600 User Manual...

  • Page 66: Technical Data

    27 G with velocity change at 235 in/s or greater Maximum altitude Operating -15.2...3048 m (-50...10,000 ft) For altitudes above 2950 ft, the maximum operating temperature is de-rated 1°F/550 ft. Storage -15.2...10,668 m (-50...35,000 ft) ARM600 User Manual...
  • Page 67 Ordering data Description Standard edition Enterprise edition ARM600B2500NA ARM600B2505NA Ethernet ports Power supply single dual single dual RAID CPU type Core 2 Duo Xeon 8 GB 32 GB Max Arctic connections 3000 Size 1U 19" 1U 19" ARM600 User Manual...

  • Page 69: Section 10 Glossary

    TCP/IP protocol. Key performance indicator L2TP Layer 2 tunneling protocol Local area network Liquid crystal display Machine to machine Not applicable or available Network time protocol 1. Personal computer 2. Polycarbonate PCM600 Protection and Control IED Manager ARM600 User Manual...
  • Page 70 Subscriber identity module SNMP Simple Network Management Protocol Secure shell Transmission Control Protocol User datagram protocol Universal serial bus Video graphics array Virtual Private Network Wide area network WHMI Web human-machine interface iDRAC Integrated Dell remote access control ARM600 User Manual...
  • Page 72 Contact us ABB Oy Medium Voltage Products, Distribution Automation P.O. Box 699 FI-65101 VAASA, Finland Phone +358 10 22 11 +358 10 22 41094 www.abb.com/mediumvoltage www.abb.com/substationautomation...

Table of Contents