Hopefully you received one of my emails or possibly heard from a colleague about our latest TOP Server release. If not, you may not have heard about the key new features in TOP Server for Wonderware V6.7.
In this post, I'm going to go through some of the key features released in V6.7 in more detail, including a continued focus on security enhancements, updates to the Configuration API capabilities, enhancements to the Torque Tool Ethernet driver and more, including how they benefit you as a TOP Server user.
With TOP Server Version 6.7, there are several features that will further increase the security of your TOP Server systems, expand the integration of torque tools such as the Atlas Copco PF6000 and MTF6000 (commonly used in manufacturing applications where precision fastening torque is required), and increase your productivity through further expansion of flexible configuration functions available using the TOP Server Configuration API. So what are the biggest updates:
Continuous Security Enhancements & General Improvements
For the past several TOP Server releases, there has been a significant focus on server security. Continuous improvements related to TOP Server security proceed in Version 6.7 with updated security encryption policies for OPC UA connections (both for the OPC UA server interface and OPC UA Client driver).
For the OPC UA server interface of TOP Server, the latest security policy, Basic256Sha256, has been added for use in server endpoints, as well as, that new policy being the new default along with a default mode of "Sign and Encrypt" for the utmost UA security when using the defaults. Additionally, the UA instance certificate algorithm now uses Sha256RSA for any new self-signed certificates that are generated. New instance certificate expirations have also been reduced from 10 years to 3 years, as a further security measure.
Similar enhancements have been applied for the OPC UA Client driver, adding the latest Basic256Sha256 security policy for client configurations and also defaulting to Basic256Sha256 with "Sign and Encrypt".
Changes have also been made to alert users to potential security concerns. If a user is making a configuration edit in TOP Server that will result in lower security measures, the user will be warned prior to applying that change so that appropriate alternate action, if deemed appropriate, can be taken.
Additionally, the Secure Deployment Considerations Guide we published several releases ago has been updated to reflect additional measures that new installations of V6.7 need to take to ensure the appropriate permissions are available after the installation for the Application Data directory of TOP Server. This further protects TOP Server installations by restricting Active Directory user access to critical TOP Server runtime files.
For all users installing V6.7 on new machines (i.e. that have NOT previously had TOP Server installed), you need to download the latest version of the guide, paying special attention to Section 5. We highly recommend that all users concerned with industrial control system security continue to remain on current TOP Server versions and also download this free Secure Deployment Considerations Guide.
And, as always, a variety of incremental improvements have been made to 25 drivers and plug-ins to ensure continued robust and expanded functionality, which you can review in the TOP Server Release notes.
And, at a general server level, in keeping with our commitment to support the latest Microsoft technology, TOP Server V6.7 officially support Windows Server 2019 and Windows 10 IoT Enterprise operating systems. Users who prefer to keep their systems up-to-date with the Windows platforms can now take the next step with TOP Server.
Torque Tool Ethernet Driver expands integration of Atlas Copco torque tools
Torque tools are commonly used to apply specific torque to fasteners like nuts and bolts. They are used extensively in discrete manufacturing applications (such as automotive) and allow operators to consistently apply precise torque over and over again. Coming in both large and small formats, such torque tools range from large, multi-spindle tools for applying torque to multiple fasteners at once (for example, in automotive, tightening all of the lug nuts on a wheel at once), to a small, automated screwdrivers for detail work.
The Torque Tool Open protocol, which is utilized by the Torque Tool Ethernet driver, ensure interoperability across the variety of torque tool providers including Atlas Copco, Ingersoll Rand and others.
With V6.7, the Torque Tool Ethernet driver expands the range of supported MIDs (Message IDs) for full support of newer torque tool models such as Atlas Copco Power Focus (PF) 6000 and MicroTorque (MTF) 6000 tools.
This includes support for the following MIDs:
- MID8 for Generic Subscribe messages
- MID1201 & 1202 for Overall Operation Result Messages
- MID224 & 225 for Set and Reset of Digital Input Functions
- MID250 & MID251 for Socket Selector Information messages
Additionally, V6.7 adds supports for new message revisions in the following command sets:
- MID2 revisions 3 through 6
- MID41 revisions 2 through 5
- MID65 revision 7
Users of newer torque tools that have implemented those features of the Torque Tool Open protocol can now be ensured a seamless integration of those tools with the greater control system.
Expanded API Functionality Enhances Configuration Flexibility
Prior to TOP Server V6.7, users of the Datalogger plug-in and any TOP Server user, in general, that needed to configure the TOP Server User Manager or server Log Settings would need to do so locally. You may be saying "So what?" I've always done that and it's never been an issue.
Some users, though, have specific use cases making it preferable to have configuration capabilities external to the standard TOP Server user interface. The Configuration API, which was introduced with the initial V6 release, provides those capabilities in a flexible, secure interface accessible by external applications.
Over multiple releases, the drivers, plug-ins and other features accessible for configuration by the Configuration API has been continuously expanded. With the V6.7 release, it's now possible for Datalogger plug-in users to make configuration changes remotely and securely.
Additionally, users taking advantage of the built-in User Manager capabilities of TOP Server to control user access to TOP Server can also now remotely make secure changes to the User Manager including creating, modifying or disabling users groups and passwords via the Configuration API.
Configuration settings at the Admin level for Event Log, OPC Diagnostics and Configuration API settings are also now available for modification using the Configuration API.
The Configuration continues to provide a flexible, secure alternative method for access your TOP Server configuration from external applications.
These and the other features not covered here provide expanded device integration, security and flexibility. As always, a full list of the other enhancements and features in the release notes that we just don’t have room to cover here is available - click for details.
Want to see TOP Server V6.7 for yourself? Download the free trial.