Rockwell Studio 5000

Overview

In this example we show setup and interoperability between the Agilicus AnyX platform and Rockwell Automation’s Studio 5000 with RSLinx. This allows a PLC engineer to remotely support multiple sites, multiple customers, using their existing tools and setup. No VPN, no changing of IP’s. Connect to multiple customers simultaneously.

Customers get increased security, simple single-sign-on authentication with multi-factor, and a full audit trail. Permissions can be assigned (and audits can be observd) on an individual PLC basis, rather than an entire VPN or subnet.

For the example setup we have:

1. Windows PC running Rockwell Studio 5000 (v29)
2. CompactLogix 1769-L16ER
3. Micro850 2080-LC50
4. Raspberry Pi (serving as the Industrial PC / IPC)

The setup is such that the PLC are on a separate non-routeable segment. The Raspberry PI is dual-homed, serving thie PLC subnet and the connection outbound.

There is a highly restrictive firewall between the Raspberry PI and the Internet: it only allows outbound connections, on port 443, to the Agilicus AnyX platform: no inbound, no arbitrary outbound.

The operator will see no change on their laptop: they launch Studio 5000 from their start menu as normal. If they have not authenticated recently, a browser will popup to force a sign-in against their corporate identity provider (e.g. Microsoft Azure or Google Workplace). The Rockwell Automation software will then function as normal for all PLC viewing and programming.

Example Setup

User Desktop: Launcher Install

There is a one-time thing the user must do on their desktop to enable the Agilicus Launcher. No administrative privilege is required, and the configuration and software will automatically stay up to date.

The user must open the Profile web page (https://profile.YOURDOMAIN). From here they will download a binary and run it, it will sign-them in via the browser. At this stage, a new start menu item (Refresh) is present. Complete instructions are here.

Once the Launcher is installed, a ‘Refresh’ icon will appear, as well as an icon for Studio5000 and RSLinx Classic. Launch the software from the icon as normal.

Agilicus AnyX Configuration (https://admin.YOURDOMAIN)

1. Install the Agilicus Connector on your Raspberry Pi or other IPC
2. Create a ‘Network’ for each PLC in the Agilicus (optionally make a Resource Group per site)
3. Create a Launcher for Studio5000 (and optionally RSLinx), assigning the Network (or optional Resource Group)
4. Assign permissions to each user (or a group)

At this stage, if your Studio 5000 has previously seen the PLC, it will be working, otherwise we can enter them manually as below.

With this complete, you can either launch RSLinx and leave it open, or, allow Studio 5000 to launch it. Observe the first time you will see a browser open and be prompted to sign in. On subsequent launches it will have cached credentials.

Sample Project, CompactLogix 1769-LER, Agilicus Setup

First we do the networks (PLCs are each Network Resources):

1. Add network Name (the name you will refer to the PLC in the Agilicus front end). This should be valid as a hostname in syntax
2. Hostname/IP. Use the same as the name in #2. We do not recommend this be an IP as it would prevent overlapping IP usage
3. Port. 44818, standard for Allen-Bradley PLC
4. Override IP. The IP address of the PLC on the far end link adjacent the connector (Raspberry Pi)
5. Via Connector: we will leave this blank for now and assign in next step.

Now we will create the connector, assiging each PLC as above.

1. Name. This will be relevant to you, it might be the site-name or IPC name or location
2. Assign each PLC you created above in the ‘Networks’ column

At this stage we will create the Launchers:

Create a launcher for Studio 5000:

Name: Studio5000
Command Path: C:\Program Files (x86)\Rockwell Software\Studio 5000\Launcher\Launcher.exe
Command Arguments: /Language=1033
Start Directory: unset
Require Interceptor: set
Require Elevated: set
Custom, Delayed Init: not-set

Create a launcher for RSLinx:

Name: RSLinx
Command Path: C:\Program Files (x86)\Rockwell Software\RSLinx\RSLINX.EXE
Requires Interceptor: set
Require Elevated: set
Custom, Delayed Init: not-set
Sample Project, CompactLogix 1769-LER, Rockwell Setup

At this stage we should assign permissions. For larger scale, we recommend a Group for the users (so the permissions are assigned once, and users are later added/deleted from the Group). For larger number of sites we recommend a Resource Group (so e.g. 1 Resource Group per site, or per type of PLC, or per job function, something of this nature).

1. Assign permission to Launcher
2. Assign permission to each Network (note: Agilicus is working to remove this step so that permissions flow through from the Launcher).

At this stage, on the user desktop, you can run ‘Refresh’ or, install the Launcher for the first time, and, a Studio5000 + RSLinx icon will show up.

Sample Project, CompactLogix 1769-LER, Rockwell Setup

Screenshots for each step in the Rockwell Studio 5000 are shown below. Create a project, create a new device, give it the same name as the **hostname** above in the network, and, it will magically find it when the network is not attached.

You may either start RSLinx manually and leave it run, or, allow Studio 5000 to start it for you.

Open Communications -> Who active

In this case, no devices are found. Now launch RSLinx Classic from Agilicus Launchers -> RSLinx

In RSLINX, Communications -> Configure Drivers

Select Ethernet:

Apply the change.

The Agilicus, Ethernet driver will now probe the configured hosts, and it will add the device.

The Communications -> Who Active screen will now present the newly configured driver:

Now set the project path for this device.

Now the device is ready to go online.

Download the controller configuration to the project.

The PLC is now online and in Run Mode.