PN/MQTT Coupler
Manual
Version 2 | 6/18/2021 | for firmware V1.04 and above
Helmholz GmbH & Co. KG | Hannberger Weg 2 | D-91091 Großenseebach | Germany
Phone +49 9135 7380-0 | Fax +49 9135 7380-110 | info@helmholz.de | www.helmholz.com

Summary of Contents for Helmholz PN MQTT

  • Page 2 Helmholz GmbH & Co. KG. All rights reserved in the event of the granting of a patent or the registration of a utility model. To download the latest version of this manual, please visit our website at www.helmholz.de. We welcome all ideas and suggestions.
  • Page 3: Table Of Contents

    Contents: General, 6; Structure of the manual, 6; Target audience for this manual, 6; Safety instructions, 6; Note symbols and signal words, 7; Intended use, 8; Improper use, 8; Liability, 9; 1.7.1 Disclaimer of liability, 9; 1.7.2 Warranty ...
  • Page 4 Access to the web page, 23; MQTT basic configuration, 24; MQTT Payload formats, 26; Status and control via the PLC, 27; Status of PN/MQTT Coupler, 27; Control of PN/MQTT Coupler, 27; Subscribe Module, 27; MQTT encryption and authentication ...
  • Page 5 Application example „Amazon IoT Core“, 44; 17.1 Create a policy, 45; 17.2 Create „AWS IoT Things“, 46; 17.3 Configure PN/MQTT Coupler for AWS Access, 49; 17.4 Testing the MQTT Connection in AWS, 50; Application example „Microsoft Azure“, 52; 18.1 Create device in Azure ...
  • Page 6: General

    General This operating manual applies only to devices, assemblies, software, and services of Helmholz GmbH & Co. KG. Structure of the manual This manual is divided into 19 sections. Section 1 contains general information and safety instructions. Section 2 refers to Security Recommendations.
  • Page 7: Note Symbols And Signal Words

    Note symbols and signal words If the hazard warning is ignored, there is an imminent danger to life and health of people from electrical voltage. If the warning is ignored, there is a probable danger to life and health of people. If the caution note is ignored, people can be injured or harmed.
  • Page 8: Intended Use

    Modifications to hardware or software configurations which are beyond the documented options are not permitted and nullify the liability of Helmholz GmbH & Co. KG. The device may not be used as the only means for preventing hazardous situations on machinery and systems.
  • Page 9: Liability

    Helmholz GmbH & Co. KG is not liable for damage caused by software that is running on the user’s equipment which compromises, damages, or infects additional equipment or processes through the remote maintenance connection and which triggers or permits unwanted data transfer.
  • Page 10: Security Recommendations

    Security recommendations Managed switches are network infrastructure components, and thus an important element in the security considerations of a system or network. When using the PN/MQTT Coupler, please therefore consider the following recommendations in order to prevent unauthorized access to plants and systems.
  • Page 11: System Overview

    System overview General/area of application The MQTT protocol has become established in recent years as a simple transmission protocol for messages in the IoT world. MQTT stands for "Message Queue Telemetry Transport Protocol" and is an OASIS standard. Information on the MQTT protocol can be found here: mqtt.org The MQTT protocol always uses a central broker for communication between devices, which receives messages from e.g.
  • Page 12: PN/MQTT Coupler Features

    The integration into the PLC engineering tool is enabled by a GSDML file; additional configuration software is not necessary. The configuration of the I/O data to be exchanged is done in the Siemens engineering tool. All settings for the MQTT connection can be done on the web page of the device.
  • Page 13: Installation And Removal

    Installation and removal Access restriction The modules are open operating equipment and must only be installed in electrical equipment rooms, cabinets, or housings. Access to the electrical equipment rooms, cabinets, or housings must only be possible using a tool or key, and access should only be granted to trained or authorized personnel.
  • Page 14: EMC Protection

    Recycling / WEEE The company Helmholz GmbH & Co. KG is registered as a manufacturer with the HELMHOLZ brand and the device type "Small devices of information and telecommunications technology for exclusive use in households other than private households" as well as the following registration data: Helmholz GmbH &...
  • Page 15: Connection

    Connection Power supply The PN/MQTT coupler must be supplied with DC 24 V at the wide-range input DC 18 ... 30 V via the supplied connector plug. The power supply is redundant; at least one supply path, PS 1 or PS 2, must be connected.
  • Page 16: Network Connector

    Network connector (RJ45), signal and wire pair color: Transmission Data +: Yellow; Transmission Data -: Orange; Receive Data +: White; Receive Data -: Blue
  • Page 17: Install GSDML File

    Install GSDML file Please download the GSDML file ("GSDML-V2.35-Helmholz-PN-MQTT-coupler- ____.xml") at www.helmholz.de or scan the QR code. Install the GSDML file in the "Tools" / "Manage device description file (GSD)" menu in the TIA Portal. The PN/MQTT Coupler can be found in the hardware catalog at "Other field devices / PROFINET IO / Gateway / Helmholz GmbH &...
  • Page 18: Configuration In TIA Portal

    Configuration in TIA Portal Add the PN/MQTT coupler to the project and connect the coupler to the PROFINET network. Assign the device name and check the Ethernet address for the device. Parameterization of the PN/MQTT coupler The parameterization of the PN/MQTT coupler is performed via the PROFINET hardware configurator (e.g.
  • Page 19 MQTT IP-address mode (X2): Setting the IP address for the X2 network. Possible options: "DHCP" = The PN/MQTT Coupler tries to get an IP address as well as a gateway and a DNS server in the network via a DHCP server. "Static IP"...
  • Page 20: Operating Principle Of The PN/MQTT Coupler

    Operating principle of the PN/MQTT coupler The data exchange between the PLC and the MQTT broker is organized via individual values. A value can be 1, 2 or 4 bytes in size and is in the I/O area of the PROFINET controller. Depending on the data direction, the value is writable to outputs (MQTT Publish) or readable from inputs (MQTT Subscribe).
  • Page 21 The value of the input modules is initialized with 0 after restarting the coupler and is permanently taken over into the input area when a new value is received via MQTT. A bit additionally indicates the reception of a value in the PLC. For each module, the Topic name must be defined unambiguously in the module parameters.
  • Page 22: Assign A Name To The PN/MQTT Coupler

    PLC. If the configuration is correct, the PROFINET "BF" LED should be off. The PROFINET name can also be set with the Helmholz IPSet Tool, which can be downloaded free of charge from the Helmholz website or by scanning the following QR code.
  • Page 23: Configuration Of MQTT Connection

    Configuration of MQTT connection Access to the web page As soon as the PN/MQTT coupler has been configured via the PROFINET PLC, the web page of the device is accessible via the PROFINET network. If the IP address is also available on the MQTT network page (static IP, DHCP successful), the web page is also accessible via the MQTT network.
  • Page 24: MQTT Basic Configuration

    MQTT basic configuration After the configuration of the PROFINET side, the connection to the MQTT broker must still be configured on the web page of the PN/MQTT coupler. The configuration can be done in the "MQTT" menu. First select the "IP Settings". In the section "IP Address X2"...
  • Page 25 Broker TCP Port: Port for the MQTT connection to the broker. Common values are "1883" for unencrypted and "8883" for TLS-encrypted connections. Keep alive: Time for sending the cyclic life message of the coupler to the broker. If this message is missing, the broker assumes a failure of the coupler.
  • Page 26: MQTT Payload Formats

    MQTT Payload formats The value of a topic can be sent in simple text form ("Text") or in structured form ("JSON"). Example for text format: -12345 Some MQTT applications expect a structured form in JSON format. Example for JSON format: "value": -12345 The values are displayed differently depending on the data type: Type...
  • Page 27: Status And Control Via The PLC

    Status and control via the PLC Status of PN/MQTT Coupler The PN/MQTT Coupler provides a status (4 bytes) via the PROFINET input image: Byte/Bit PROFINET PS 1 PS 2 X2 network X2 network Input configuration Voltage Voltage IP address cable Byte 0 available available...
  • Page 28: MQTT Encryption And Authentication

    10 MQTT encryption and authentication The transmission between the client and the broker can be encrypted and the devices can authenticate each other, i.e. verify their identity. Encryption prevents a third party from reading the data. Authentication ensures that only the right devices can exchange data with each other.
  • Page 29 Encryption + Broker & Client authentication: enables encryption with mutual broker and client authentication. This option requires a CA and client certificate. In addition to broker verification by the client, the broker can also verify the client as it sends its certificate during the TLS handshake. Verify broker certificate: Certificates contain an expiration date and must be updated regularly.
  • Page 30: Generator For Certificates And SAS Tokens

    10.1 Generator for certificates and SAS tokens For an encrypted and authenticated connection with a broker - whether "on premise" or in the cloud - the certificate of the broker and the certificate of the parent certification authority ('CA') should be downloadable or generated by IT for your own network.
  • Page 31: More MQTT Settings

    11 More MQTT settings Further settings for the MQTT behavior of the PN/MQTT Coupler can be made using the "Advanced MQTT Settings" dialog in the “MQTT” menu. 11.1 Topic Mode The topic mode determines how all configured topic messages are sent. Usually, each topic (each configured module) is sent or received individually as an MQTT message (Topic Mode "Individual").
  • Page 32: Last Will Message

    For the Combined use case, the Topic Name for Publishing and the Topic Name for Subscription can be specified in the following settings, along with the associated QoS and Retain property. Example of Topic Mode "Individual": Message 1 for Topic „temperature“: "value": 23 Message 2 for Topic „humidity“: "value": 40...
  • Page 33: „Communication Enable“ And „Communication Stopped“ Messages

    11.3 „Communication Enable“ and „Communication Stopped“ messages The "Communication Enable" message is always sent by the PN/MQTT coupler when the coupler is ready for operation. For this the coupler must be configured via PROFINET and the PLC must be in RUN.
  • Page 34: Further Functions In The Web Interface

    12 Further functions in the web interface 12.1 Module status On the web page "Module status" the configured module configuration and the current IO data are displayed. If there is a configuration error, the error is displayed in the "Diagnostic message" column. 12.2 Export/Import of the configuration The settings made on the web page can be saved on the PC in an editable format for backup, for series production or for manual editing of the device configuration (download).
  • Page 35: Account

    12.3 Account In the menu "System" under "Account" the password of the user "admin" can be changed. Currently the PN/MQTT Coupler contains only this user, the name is not changeable. 12.4 Upload TLS certificates for HTTPS For secure access to the PN/MQTT Coupler website, a company certificate can be stored in the "System"...
  • Page 36: Firmware Update

    Link to latest firmware: http://www.helmholz.de/goto/700-162-3MQ02#tab-software The firmware file can be recognized by the file extension "HUF" (Helmholz Update File) and is encrypted to protect it from modification. Place the firmware file on your PC and select the storage location with "Browse" and start the firmware update with "Submit".
  • Page 37: Reset To Factory Settings

    12.7.2 Reset to factory settings via "IPSet" tool The Helmholz tool "IPSet" can also be used via the PROFINET network to reset the PN/MQTT Coupler to factory settings. The Helmholz IPSet Tool can be downloaded free of charge from the product page on the Helmholz website or by scanning the QR code.
  • Page 38: Diagnosis Via LEDs

    13 Diagnosis via LEDs X1 PROFINET (left side) X2 MQTT network (right side) SF (red) Configuration correct Configuration correct PROFINET diagnostic alarm pending PROFINET side not configured or failed PROFINET function "LED flashing" for finding the Flashing device is executed BF (red) Connection to PROFINET controller is established MQTT broker connection is active...
  • Page 39: Client Tools For MQTT Data Exchange

    14 Client tools for MQTT data exchange In order to be able to test the data exchange via the PN/MQTT coupler when the application is not yet available on the other side or to be able to observe the data sent by the PN/MQTT coupler next to the application, the use of MQTT client test programs is recommended.
  • Page 40: Application Example „Mosquitto“

    15 Application example „mosquitto“ Eclipse Mosquitto (mosquitto.org) is an open source MQTT broker for MQTT V3.1.1 and MQTT V5. Mosquitto is available for Linux - including the Raspberry PI - as well as for the PC. The Mosquitto project also includes a command line MQTT client for testing. 15.1 Mosquitto Test-Host Eclipse Mosquitto operates a Mosquitto test broker at test.mosquitto.org.
  • Page 41: Application Example „HiveMQ“

    16 Application example „HiveMQ“ HiveMQ (https://www.hivemq.com) is a professional, scalable MQTT broker that runs both locally on the PC (Windows or Linux) and can be used in the cloud with high performance and high availability. HiveMQ can be used as a broker between the device layer and the cloud applications (AWS, Azure, SAP, etc.).
  • Page 42: HiveMQ Cloud

    16.2 HiveMQ Cloud At https://www.hivemq.com/cloud/, an account can be created for the HiveMQ Cloud and own "clusters" (MQTT brokers) can be operated. HiveMQ offers the setup of a free cluster in the "Free" model for testing and small use cases. In addition, a professional cluster with full functionality can be tested free of charge for a few days in the "Starter"...
  • Page 43 In the PN/MQTT Coupler, the following settings must now be applied under "MQTT Client Settings": HiveMQ supports both MQTT version 3.1.1 and version 5. The ClientID can be any. Under Username and Password, accept the values entered in the MQTT Credentials.
  • Page 44: Application Example „Amazon IoT Core“

    17 Application example „Amazon IoT Core“ The PN/MQTT Coupler makes it very easy to transfer data directly to the Amazon Cloud (AWS). The AWS IoT Core component is an MQTT broker in the AWS Cloud. MQTT messages can be sent directly to AWS IoT Core and then processed in the other AWS services.
  • Page 45: Create A Policy

    17.1 Create a policy Create a new device policy (set of rules for access rights) for the PN/MQTT Coupler under "Secure/Policies" and assign a name for the policy. Give the policy a name and enter "iot:*" for Action, "*" for Resource ARN and check "Allow" for Effect. Switch to the "Advanced mode"...
  • Page 46: Create „AWS IoT Things“

    17.2 Create „AWS IoT Things“ Under “Manage/Things”, select “Create a single thing”. Give the “Thing” a name. The other fields on this page are not relevant for now. In the next dialog, select "Create certificate".
  • Page 47 Download "certificate for this Thing", "public key" and "private key" and keep them in a safe place, they cannot be reloaded. Additionally, download the root certificate ("root CA") from AWS. For this sample application, use the "RSA 248 bit key Amazon Root CA 1".
  • Page 48 Select the policy created at the beginning and create the device with "Register Thing". The device now appears in the list of "Things". Click on the device and select "Interact" in the next dialog. Copy the access URL ("Thing Shadow Endpoint") for this device.
  • Page 49: Configure PN/MQTT Coupler For AWS Access

    17.3 Configure PN/MQTT Coupler for AWS Access Configure the PN/MQTT coupler in the PROFINET engineering tool (e.g. TIA Portal) as described in chapter 7. When parameterizing the MQTT Topic modules, note that AWS only supports QoS '0' and '1' and that no "Retain" flag may be set for the Publisher modules! AWS IoT Core has some limitations with the MQTT messages: 1.
  • Page 50: Testing The MQTT Connection In AWS

    The client certificate is the "xxx-certificate.pem.crt" file, it contains both the certificate and the public key of the client. The last thing you need is the private key of the client ("xxx-private.pem.key"). This completes the configuration and the PN/MQTT Coupler should connect to the AWS IoT Core. 17.4 Testing the MQTT Connection in AWS To check whether the data exchange with the PN/MQTT Coupler works via MQTT, MQTT Test Client can be called in the AWS IoT Core.
  • Page 51 If the test is successful, the configuration is complete! For the connection with Amazon AWS, it is mandatory to specify a gateway and a DNS server in the IP settings. To check that the certificates are up to date, activate time synchronization via SNTP.
  • Page 52: Application Example „Microsoft Azure“

    18 Application example „Microsoft Azure“ 18.1 Create device in Azure Under Microsoft Azure, an IoT Hub must first be created. Choose an appropriate subscription. For a new AWS account, the "Free Trial" can be used if applicable. The IoT Hub name can be chosen arbitrarily.
  • Page 53 Then select the newly created IoT Hub. In the menu tree, select "IoT devices" at the bottom left and create a new device with "New" at the top.
  • Page 54 In the following dialog you can give the device a device ID. The other settings can be used unchanged; the important options are "Symmetric key" and "Generate key automatically". Select the device. Copy the "Primary Connection String" to the clipboard.
  • Page 55: Configure PN/MQTT Coupler For Azure

    18.2 Configure PN/MQTT Coupler for Azure The PN/MQTT coupler must already be configured via PROFINET and have an IP address on the MQTT network side and be able to establish a connection to the Internet (gateway and DNS server are available).
  • Page 56 Since Microsoft Azure can only receive one central topic from each device, all configured values from the PLC must be sent together in a combined topic. Select "MQTT / Advanced MQTT settings" and check whether the "Combined Topic mode" is activated.
  • Page 57: Checking The Data Transfer In Microsoft Azure

    18.3 Checking the data transfer in Microsoft Azure Whether there is an active connection of the PN/MQTT Coupler with the IoT Hub can be seen in the IoT Hub overview under "IoT Hub usage". The active connections and the number of messages used are displayed there.
  • Page 58: Technical Data

    19 Technical data Order no.: 700-162-3MQ02; Article designation: PN/MQTT Coupler. PROFINET interface (X1): Connection: 2x RJ45, integrated switch; Protocol: PROFINET IO Device as defined in IEC 61158-6-10; Transmission rate: 100 Mbit/s full duplex; I/O image size: Up to 1024 Byte of input and output data; Number of configurable slots PROFINET Conformance Class B (in preparation), media redundancy (MRP-Client),...
