Download
Share
Print this page
Pilz PITreader Manual
  1. Manuals
  2. Brands
  3. Pilz Manuals
  4. Industrial Equipment
  5. PITreader
  6. Manual

Pilz PITreader Manual

Hide thumbs Also See for PITreader:

Advertisement

Quick Links

Download this manual
PITreader
PITreader Firmware V1.5.x
}
Control and signal devices
Operating Manual-1004806-EN-08

Advertisement

loading

Related Manuals for Pilz PITreader

Summary of Contents for Pilz PITreader

  • Page 1 PITreader PITreader Firmware V1.5.x Control and signal devices Operating Manual-1004806-EN-08...
  • Page 2 Preface This document is the original document. All rights to this documentation are reserved by Pilz GmbH & Co. KG. Copies may be made for the user's internal purposes. Suggestions and comments for improving this documenta- tion will be gratefully received.
  • Page 3 Validity of documentation......................Using the documentation ......................Definition of symbols......................... Third-party manufacturer licence information ................Overview ..........................Device features ......................... PITreader device view with base unit ..................Safety ............................Intended use ..........................Safety regulations ........................3.2.1 Additional documents that apply....................3.2.2 Use of qualified personnel ......................
  • Page 4 API Clients ..........................8.15 Save and restore configuration....................8.16 Reset to default settings ......................Firmware update ........................Operation ..........................10.1 LED indicator ..........................10.2 Safely decommission PITreader....................10.3 Diagnostics ..........................10.3.1 Statistics ........................... Operating Manual PITreader, PITreader Firmware V1.5.x 1004806-EN-08...
  • Page 5 Technical details ........................Supplementary data ......................12.1 Radio approval.......................... 12.2 Network data..........................12.3 Overview of permissions......................Order reference ........................13.1 Authentication system....................... 13.2 Transponder key........................13.3 Accessories ..........................EC declaration of conformity ....................Operating Manual PITreader, PITreader Firmware V1.5.x 1004806-EN-08...
  • Page 6 Introduction Introduction Validity of documentation This documentation is valid for the product PITreader. It is valid until new documentation is published. This operating manual explains the function and operation, describes the installation and provides guidelines on how to connect the product.
  • Page 7 The request for the source code must be received 3 years at the latest after the receipt of the relevant MPL. Irrespective of this period we will send you a complete, machine-read- able copy of the source code as long as Pilz offers spares or technical support for this device.
  • Page 8 For mounting cutouts D22 (diameter 22.3 mm +0.4 mm/-0.0 mm) in accordance with EN 60947-5-1 with anti-rotation device Only PITreader S base unit type devices and versions of the PIT gb with PITreader (e.g. PIT gb RLLE y up ETH, PIT gb RLLE y down ETH): Integrated OPC Server UA Operating Manual PITreader, PITreader Firmware V1.5.x...
  • Page 9 X2 Ethernet interface [1] Device description [2] Order number [3] Serial number [4] PITreader base unit, including spring-loaded terminal (order no. 402 255) [5] PITreader key adapter h (order no. 402 308) [6] PITreader key (see also Transponder key [ 20]) Operating Manual PITreader, PITreader Firmware V1.5.x...
  • Page 10 Safety Safety Intended use The PITreader is a system for authentication and authorisation on control systems. Authen- tication is via transponder key. The following is deemed improper use in particular Any component, technical or electrical modification to the product, Use of the product outside the areas described in this operating manual,...
  • Page 11 Any type of modification has been made (e.g. exchanging components on the PCB boards, soldering work etc.). 3.2.4 Disposal When decommissioning, please comply with local regulations regarding the disposal of electronic devices (e.g. Electrical and Electronic Equipment Act). Operating Manual PITreader, PITreader Firmware V1.5.x | 11 1004806-EN-08...
  • Page 12 Perform a risk assessment in accordance with VDI/VDE 2182 or IEC 62443-3-2 and plan the security measures with care. If necessary, seek advice from Pilz Customer Support. Implemented security measures The web application is protected against unauthorised access by a password prompt.
  • Page 13 Limit Modbus/TCP connections to the internal machine network. Secure the connection against external networks. As soon as possible, install firmware updates that Pilz provides for the product. Keep the transponder key in a safe place and protect it from unauthorised access. Advise users of the security risks of sharing transponder keys.
  • Page 14 (LED: yellow) (LED: red) (LED: red) Fig.: Authentication procedure Authentication modes The PITreader supports two authentication modes: Transponder data [ Pre-defined, group-based authentication in the transponder key External [ Authentication takes place externally e.g. via PLC, HMI When delivered, the transponder data authentication mode is set. The authentication mode can be changed in the web application.
  • Page 15 PITreader devices are combined within a device group. One user (one transponder key) has the same permission on all PITreader devices within a group. Another user can have a different permission. Device groups can be used for a machine type, for example (in this...
  • Page 16 External In external authentication mode, a user can authenticate himself on the connected control system or on the HMI by inserting a transponder key into the read area of the PITreader. The following connection options are available: External authentication (Modbus/TCP) PITreader Fig.: External authentication (Modbus/TCP)
  • Page 17 API Client (e.g. HMI) and the data from the transponder key (e.g. security ID). Authentication occurs on the REST API Client. The information about the authentication status is adopted by the PITreader and forwarded to the controller and the safe evaluation unit (e.g. PIT m4SEU). The externally calculated authentication status is displayed via the device LED on the PITreader.
  • Page 18 LED lights up red. Activate authentication block: Log in for single authentication by inserting the transponder key on the PITreader. By log- ging in, an authentication block is activated for all other transponder keys. If the transpon- der key is removed, the authentication block remains activated.
  • Page 19 Permission on the second transponder key: 5 -> Authentication occurs with permission 5 – Permission on the first transponder key: 1 Permission on the second transponder key: 5 -> Authentication occurs with permission 1 Operating Manual PITreader, PITreader Firmware V1.5.x | 19 1004806-EN-08...
  • Page 20 With the exception of "PITreader key ye g", all transponder keys are pre-programmed in the factory and the permission cannot be modified. The permission applies to all PITreader groups. In the case of "PITreader key ye g", the permission for the PITreader groups can be modi- fied and also locked as an option. Factory-locked...
  • Page 21 The ID is a number in the range 1 ... 65535. It uniquely identifies a parameter. Users can freely assign the ID. Note: Users should not use IDs 1 ... 9999 because they might be used by Pilz for system parameters.
  • Page 22 4 Byte 0 ... 64 (Hamming-coded) In order for the user data to be employed it must be configured on the PITreader. The indi- vidual parameters are created in the configuration. A maximum of 64 parameters can be created on the PITreader.
  • Page 23 Details of when the permission for a device group will start to be valid. This value can be defined for groups 0 ... 9999. Note: The start date is only evaluated if the Evaluate validity date option is activated for the PITreader. DATETIME End date Details of when the permission for a device group will cease to be valid.
  • Page 24 Basic coding [ OEM coding [ The identifiers for both codings can be stored on a PITreader. Only the identifier for one of the codings can be stored on the transponder key. The effect of the codings is the same, but they differ in the way the identifiers are changed and deleted on the PITreader and the way in which the transponder key is taught in.
  • Page 25 5.6.2 OEM coding With OEM coding, a second identifier can be stored in the PITreader to check the transpon- der keys. PITreader devices with OEM coding accept transponder keys with the same OEM identifier or with the right basic identifier (see Basic coding [ 25]).
  • Page 26 You can lock the authentication of certain transponder keys. Once a transponder key is in the block list, it can no longer be authenticated on the PITreader. This function can be use- ful, for example, when a user has lost his transponder key. It can stop unauthorised per- sons authenticating themselves on the PITreader.
  • Page 27 Function description 5.9.2 Function codes (Client connections) The Modbus/TCP Server in the PITreader supports the following function codes (FC): Function code Function Read Discrete Input The connection Client reads bit data from the connection Server, data length ≥ 1 bit,...
  • Page 28 Function description Input Register (Word/16 Bits) PITreader -> Modbus Client, register access read (with FC04) Address Content 3x0001 … 3x0002 PITreader order number (coded) Bits 31 to 24: Product group (00 = empty, 01 = G1) Bits 23 to 20: Revision (00 = empty )
  • Page 29 The address of the Modbus/TCP Register is displayed in the web applica- tion under Configuration -> User data. The address can also be calculated using the following formula: Address_n = Address_(n-1) + RoundUp_2-Byte ( Length_(n-1) ) Operating Manual PITreader, PITreader Firmware V1.5.x | 29 1004806-EN-08...
  • Page 30 HTTP(S) connection A connection to a configuration computer can be established via the Ethernet interface. The PITreader can be configured via a web application and it is possible to read and write transponder keys (see also chapters entitled Configuration [...
  • Page 31 5.11 24 V I/O port The PITreader has a 24 V I/O port. No function is assigned to the I/O port upon delivery. The I/O port can be configured either as an output or an input in the web application. I/O port as output If the I/O port is configured as an output, the current authentication status can be output via this output.
  • Page 32 Order reference [ 56]). Plug the PITreader base unit (order no. 402 255) on to the neck of the PITreader key ad- apter h (order no. 402 308) and turn it 15° clockwise until it locks into position. Operating Manual PITreader, PITreader Firmware V1.5.x...
  • Page 33 Install the base unit Dimensions in mm 22.3 44.6 Operating Manual PITreader, PITreader Firmware V1.5.x | 33 1004806-EN-08...
  • Page 34 2. Connect the PITreader to a controller (PLC, HMI) via the Ethernet interface (X2). Base unit with safe evaluation unit Follow the instructions below: 1. Connect the PITreader to a safe evaluation unit PIT m4SEU (see also PIT m4SEU op- erating manual). Operating Manual PITreader, PITreader Firmware V1.5.x...
  • Page 35 Connect the configuration PC directly to the Ethernet interface X2 of the PITreader. 2. Adjust IP address of the configuration PC To access the PITreader, the IP address of the PC has to be in the same subnet as the IP address of the PITreader.
  • Page 36 If you use a self-signed certificate, you will be warned that the connection is not secure when you try to establish a connection to the PITreader. In order to establish a connection, you must add a security exception rule to your web browser.
  • Page 37 "2-person rule". Location description In the web application, under Configuration -> Settings -> Location description, you can enter a description of the location of the PITreader. A maximum of 47 characters are per- mitted. Data logging with personal data In the web application you can select whether personal data (security ID, user and IP ad- dress) is to be logged in the diagnostic log under Configuration ->...
  • Page 38 Transponder -> Permissions -> Program. If you are using a locked transponder key or a transponder key that Pilz has pre-pro- grammed in the factory and you have set a basic identifier, you can teach in the transpon- der key to the basic coding under Transponder ->...
  • Page 39 PITreader that is only used for this purpose. This guarantees that new transponder keys with the OEM identifier can only be created by a person who knows the OEM identifier or who is using a PITreader that has been con- figured specifically for this purpose.
  • Page 40 You can configure this option for transponder keys with both ba- sic and OEM coding. If you wish to limit coded transponder keys to identically coded PITreader devices, then go to Transponder -> Data, select Limit to PITreaders that are identically coded and then click on Program.
  • Page 41 Once set, the OEM identifier can no longer be read or displayed. The com- ment field can therefore be used to store a hint for the set OEM identifier. You will need to code all PITreader devices that you supply to your customer with this OEM identifier.
  • Page 42 In order for the user data to be employed, the parameters must be created on the PITreader. This can be done using the REST API (see operating manual PITreader REST API). Alternatively, a configuration file with the parameters can be imported in the web ap- plication.
  • Page 43 Under Configuration -> API Clients you can create appropriate connection settings for automated access to device data via the HTTPS interface. A detailed description can be found in the separate document “Operating manual PITreader REST API”. 8.15 Save and restore configuration All the settings that have been made in the web application can be saved in a file.
  • Page 44 8.16 Reset to default settings The PITreader base unit can be reset to its factory default settings via a short circuit at the terminals TxD/RxD or in the web application. Different data is deleted depending on which type of reset is selected.
  • Page 45 Firmware update Firmware update If a new firmware version is available, the firmware of the PITreader can be updated. The update is carried out in the web application under Maintenance -> Update firmware. An update package can be downloaded to the device from the download area on the Pilz website.
  • Page 46 When the transponder key is not inserted: Authentication on the device is blocked (e.g. via 24 V I/O port or single authentication) You’ll find further information in the web applica- tion under Status -> Authentication Operating Manual PITreader, PITreader Firmware V1.5.x | 46 1004806-EN-08...
  • Page 47 Try to open the web application with the default IP address or Reset the device to its factory default settings. If the PITreader is reset to its default settings via a short circuit at TxD/RxD, the LED as- sumes the following states: Description...
  • Page 48 Operation 10.3 Diagnostics The PITreader provides options for device diagnostics and statistical evaluation. Diagnostics using the device LED Information regarding evaluation of the device LED can be found under indicator [ 46]. Diagnostics using the diagnostic list (web application) The diagnostic list contains a list of the active alarms. You can read the diagnostic list in the web application under Diagnostics.
  • Page 49 - Definition of "Median" see [2] Note: If a transponder key is removed and re-inserted within a maximum of 2 s, then this is not evaluated as a new authentication in the statistics. Operating Manual PITreader, PITreader Firmware V1.5.x | 49 1004806-EN-08...
  • Page 50 Time format: <Day(d) Hour(h) Minute(m) Second(s)> Examples: 1h 0m 1s 1d 0h 20m 5s The median of a series of values is the value that is right in the middle, if you sort the val- ues by size. Operating Manual PITreader, PITreader Firmware V1.5.x | 50 1004806-EN-08...
  • Page 51 Environmental data Ambient temperature In accordance with the standard EN 60068-2-14 Temperature range -30 - 55 °C Storage temperature In accordance with the standard EN 60068-2-1/-2 Temperature range -30 - 70 °C Operating Manual PITreader, PITreader Firmware V1.5.x | 51 1004806-EN-08...
  • Page 52 Stripping length with spring-loaded terminals 8 mm Dimensions Height 54 mm Width 72 mm Depth 45 mm Weight 47 g Where standards are undated, the 2018-12 latest editions shall apply. Operating Manual PITreader, PITreader Firmware V1.5.x | 52 1004806-EN-08...
  • Page 53 2) this product must accept any interference received, including interference that may cause undesired operation. Changes or modifications made to this product not expressly approved by Pilz may void the FCC authorization to operate this equipment. NOTE: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules.
  • Page 54 0x0001c7cc 0x0001f83c 0x0001f9c3 0x00064a55 0x00064baa 0x0006745a 0x000675a5 0x00078c66 0x00078d99 0x0007b269 0x0007b396 0x000a94aa 0x000a9555 0x000aaaa5 0x000aab5a 0x000b5299 0x000b5366 0x000b6c96 0x000b6d69 0x000cdeff 0x000cdf00 0x000ce0f0 0x000ce10f 0x000d18cc 0x000d1933 0x000d26c3 0x000d273c 0x00304c6a 0x00304d95 0x00307265 0x0030739a Operating Manual PITreader, PITreader Firmware V1.5.x | 54 1004806-EN-08...
  • Page 55 Permission Code 0x00318a59 0x00318ba6 0x0031b456 0x0031b5a9 0x0036063f 0x003607c0 0x00363830 0x003639cf 0x0037c00c 0x0037c1f3 0x0037fe03 0x0037fffc 0x003ad8c0 0x003ad93f 0x003ae6cf 0x003ae730 0x003b1ef3 0x003b1f0c 0x003b20fc 0x003b2103 0x003c9295 0x003c936a 0x003cac9a 0x003cad65 0x003d54a6 0x003d5559 0x003d6aa9 0x003d6b56 0x00c04e98 Operating Manual PITreader, PITreader Firmware V1.5.x | 55 1004806-EN-08...
  • Page 56 PITreader S base RFID authentication system, base unit with extended function 402 256 unit range. Required accessories: PITreader key adapter PITreader key ad- 1x PITreader key adapter horizontal + 1x nut for PITreader base 402 308 apter h unit 13.2 Transponder key...
  • Page 57 European Parliament and of the Council. 2014/53/EU on radio equipment The complete EC Declaration of Conformity is available on the Internet at www.pilz.com/downloads. Authorised representative: Norbert Fröhlich, Pilz GmbH & Co. KG, Felix-Wankel-Str. 2, 73760 Ostfildern, Germany Operating Manual PITreader, PITreader Firmware V1.5.x | 57...
  • Page 58 We are represented internationally. Please refer to our homepage www.pilz.com for further details or contact our headquarters. Headquarters: Pilz GmbH & Co. KG, Felix-Wankel-Straße 2, 73760 Ostfildern, Germany Telephone: +49 711 3409-0, Telefax: +49 711 3409-133, E-Mail: info@pilz.com, Internet: www.pilz.com...