WinCC Unified Step-by-Step: Secure Downloads & Offline Transfers
Introduction
WinCC Unified provides a powerful feature that ensures the secure and encrypted download of your project files to operator devices. Protecting project data during transfer is essential for maintaining the integrity and confidentiality of your automation systems. This tutorial will guide you step-by-step through setting up and performing a secure project download, safeguarding your data in every step.
In scenarios where online access to the TIA Portal is unavailable or inconvenient, WinCC Unified supports offline project transfers using a zip file. This method is especially beneficial for tasks that involve remote maintenance or deploying a project directly at a system without having WinCC Unified installed on-site. You will learn how to prepare your project for offline transfer, deploy it to a Unified PC Runtime or Unified Panel, and restart the Runtime to activate the updates by following this tutorial. Figure 1.1 provides an overview of this process and its practical applications.
Whether you're looking to enhance the security of your project downloads or explore flexible deployment options, this tutorial will equip you with the knowledge needed to leverage WinCC Unified's key features.
Prerequisites
What you will need to follow along with this tutorial:
- You need to install the TIA Portal software on your personal computer. Although this tutorial refers to version 19, rest assured that version 16 or higher will work.
- Prior familiarity with the "Introduction to WinCC Unified" tutorial is essential.
HMI Panel Settings
Let's start with the secure project download. On your SIMATIC HMI comfort panel, select the "Service and Commissioning" tile. From the available options, select the "Transfer" item.
Ensure the "Enable transfer" checkbox is ticked within the "Transfer mode" section. Proceed to input your chosen password in the "Encrypted project transfer" section, ensuring it adheres to the security requirements, including numbers, special characters, and both uppercase and lowercase letters. The password must meet a minimum length of 8 characters. Finally, confirm your entry by pressing the "Set Password" button.
WinCC Configuration Settings
First, access the "Start" menu by clicking its icon on your operating system's toolbar. Type "WinCC Unified Configuration" into the search field, and once the application icon is displayed, select it to open the app.
During the initial setup, preserve the default configurations for the sections labeled "Website settings," "User management," "Archive settings," and "Reporting." Proceed by clicking the "Next" button.
In the subsequent "Download of projects" section, select the checkbox for "Activate secure download." Enter the previously configured password from your SIMATIC HMI comfort panel into the designated field. After ensuring the correct input, click the "Next" button.
In the final stage, "Apply settings," you will be presented with a summary of all configured options. Carefully review this summary for accuracy. To apply the changes, press the "Accept" button. Shortly after, a pop-up will appear, prompting you to log off to apply the changes. Click "Yes" to confirm, allowing the system to sign out and complete the configuration process.
Runtime Manager
Following the system restart, click over the "Start" icon located on the toolbar. In the search bar, type "SIMATIC Runtime Manager" and wait for the corresponding application icon to appear. Click on the icon to open the app.
Locate the "Projects" section and click the "Settings" icon within the app's interface. It will open the "Settings" window. Select the "General" tab from the available options. Under the "Secure connection" section, enter the password you used in previous configurations. Once you have verified the input, press the "OK" button to confirm and save your settings. The process ensures that secure connections are configured appropriately for your application.
Unified Engineering System
Begin by opening your TIA Portal project. Within the project, you will see that the desired PLC and SIMATIC Unified HMI have already been added.
Locate the project tree on the left-hand pane and expand the HMI folder. Double-click on the "Runtime settings" option to open its configuration window. In the "Runtime settings" window, select the "General" item. Under the "Encrypted transfer" section, activate secure download by checking the box labeled "Activate encrypted transfer." Enter the password you have been using consistently in the designated field, and press "Enter" on your keyboard to confirm.
You must download the project to ensure that the configured settings in your TIA Portal project take effect on the Unified HMI. To do so, click on the HMI folder in the project tree to select it. Next, press the download icon located on the top toolbar. A "Load preview" window will appear, where you must configure two settings: for the "Load Runtime" target, choose the "Full Download" action, and for the "Runtime start" target, select the "Start runtime" action. Once these options are set, click the "Load" button to transfer your configuration to the Unified HMI. This process ensures your project settings are applied and ready for operation.
Offline Project Transfer
Launch the TIA Portal software and add the required application devices to your project.
Locate the "SIMATIC PC station" folder in the project tree on the left, expand it, and then navigate to the "WinCC Unified PC RT" folder. Under the "Screens" folder, select "Screen_1." Access the "Toolbox" task card on the right side of the interface and expand the "Elements" section. Drag and drop two sliders and two bars from the "Elements" section onto the graphical screen.
Next, expand the "HMI tags" folder in the project tree and double-click the "Default tag table" to open it. Create two internal tags named "Tag1" and "Tag2" with the data type set to integer.
Head back to the graphical screen and link these tags to the corresponding sliders and bars by dragging and dropping them.
Proceed to the project tree and expand the "Card Reader/USB Memory" folder. Add a user-defined card reader, and when the pop-up window appears, create a new folder on your local hard drive, naming it "Offline Transfer." Once the folder is created, select it and click the "Select folder" button.
Drag the "SIMATIC PC Station" to the newly created card reader. In the "Load preview" window that appears, ensure the "Full Download" action is selected, and press the "Load" button.
Navigate to the "Offline Transfer" folder on your local disk. You will find that the offline transfer process has created a zip file containing the runtime project. This zip file can be copied to the runtime station for deployment, providing a convenient method for transferring the project to the target runtime system.
Delta Download
Instead of performing a "Full Download," you can opt for a "Delta Download." A "Full Download" transfers all project data (including screens, scripts, configurations, and settings) into the Unified HMI panel. In contrast, a "Delta Download" only transfers the modified portions of the project, making the process faster and more efficient.
To proceed, return to the graphical screen and add a new form to your project. Then, compile your "SIMATIC PC Station" to ensure it incorporates the latest changes.
Once compiled, drag and drop the "SIMATIC PC Station" into the card reader. When the "Load preview" window appears, select the "Delta Download" action instead of the "Full Download" and press the "Load" button.
Finally, navigate and find the "Offline Transfer" folder on your local hard disk. You will notice that a new zip file has been generated. This zip file contains the runtime project created using the "Delta Download" method.
Project Download via Runtime Manager
Launch the "SIMATIC Runtime Manager" application. Once it opens, navigate to the "Projects" section and click the "Add" icon. Browse the "Offline Transfer" folder and select your "Full" project for addition.
Ensure that you activate relevant options in the "Options" section within the "Add project" window before clicking the "Add project" button. The Runtime Manager will then begin integrating the selected project into its system. You may also use this process to add a "Delta" project.
After completing the addition, open your preferred internet browser to verify if the project has been successfully transferred and is operational in runtime.
Project Download via Unified Comfort Panel
To set up the graphical screen for the Unified comfort panel, repeat the process used for the "SIMATIC PC Station."
Drag the "Unified Comfort Panel" folder from the project tree and drop it into the card reader folder you created. In the "Load Preview" window, select "Full Download" and proceed.
With the Siemens memory card connected to your computer system, navigate to the "Offline Transfer" folder and find the "Simatic.HMI" directory. Copy this folder and paste it into the memory card storage location. Safely eject the memory card and insert it into the Unified comfort panel.
When the panel powers on, go to the "Runtime Properties" menu and choose "Load project from storage."
In the next window, locate and select the zip file associated with the Unified comfort panel. Press the "Load project" button to transfer the runtime project to the HMI. This procedure ensures that the runtime project is loaded onto the Unified comfort panel and ready for use.
Conclusion
In conclusion, you learned how to perform secure and encrypted project downloads and manage offline transfers in WinCC Unified. This tutorial covered the essential steps for configuring secure downloads, including setting passwords on HMI panels and applying encrypted transfer settings in the TIA Portal. You also explored transferring projects offline using memory cards, enabling flexible deployment options for scenarios where direct access to the TIA Portal is unavailable. With these skills, you can effectively protect sensitive automation projects, ensure seamless deployment to Unified PC Runtimes or Unified Panels, and maintain operational continuity. By mastering these techniques, you enhance both the security and flexibility of your automation workflows, empowering you to address complex industrial scenarios.
