Communications services
3.6 Secure Communication
3.6.1 Basics of Secure Communication
3.6.1.1 Basics of Secure Communication
For STEP 7 (TIA Portal) as of V14 and for S7-1500 CPUs as of firmware V2.0, the options for
secure communication have been broadened considerably.
"S7-1500 CPUs" also refers to CPU versions S7-1500F, S7-1500T, S7-1500C as well as
S7-1500pro CPUs and ET200SP CPUs.
In subsequent versions, additional components will support Secure Communication (Secure
OUC); see the next section.
As of firmware Version V4.4, S7-1200 CPUs also support Secure Communication (Secure
OUC).
Requirement
• CPUs that support connection description DBs with the structure of the SDT
TCON_IP_V4_SEC or SDT TCON_QDN_SEC. These are the following CPUs:
– S7-1200 as of firmware V4.4
– S7-1500 as of firmware V2.0
• Also optional via the following CPs:
– CP 1243-1 as of firmware V3.2
– CP 1243-8 IRC as of firmware V3.2
– CP 1543-1 as of firmware V2.0
– CP 1545-1
– CP 1543SP-1
Secure Communication via CP 1242-7 GPRS V2 is not possible.
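The requirement list above can be turned into an inventory check. The following is an added example, not part of the Siemens manual: the function names, the inventory name format and the sample entries are assumptions, and the firmware minimums are the ones listed above.

```python
import re

# Minimum firmware per the requirement list above; None = no minimum stated there.
MIN_FIRMWARE = {
    "S7-1200": (4, 4), "S7-1500": (2, 0),
    "CP 1243-1": (3, 2), "CP 1243-8 IRC": (3, 2), "CP 1543-1": (2, 0),
    "CP 1545-1": None, "CP 1543SP-1": None,
}
NOT_SUPPORTED = {"CP 1242-7 GPRS V2"}  # named above as not possible


def normalize_family(name):
    """Map S7-1500 variants (F, T, C, pro, ET200SP CPUs) onto 'S7-1500'."""
    name = " ".join(name.split())
    # Assumption: inventory names start with the family designation.
    if name.startswith(("S7-1500", "ET200SP CPU")):
        return "S7-1500"
    return name


def parse_firmware(text):
    """Turn 'V4.4', 'v2.0.5' or '2' into a comparable tuple, padded to major.minor."""
    match = re.fullmatch(r"[Vv]?(\d+(?:\.\d+)*)", text.strip())
    if not match:
        raise ValueError(f"unrecognized firmware string: {text!r}")
    parts = tuple(int(p) for p in match.group(1).split("."))
    return parts + (0,) * (2 - len(parts))


def secure_ouc_status(device, firmware):
    """Return 'supported', 'firmware too old', 'not supported' or 'not listed'."""
    family = normalize_family(device)
    if family in NOT_SUPPORTED:
        return "not supported"
    if family not in MIN_FIRMWARE:
        return "not listed"
    minimum = MIN_FIRMWARE[family]
    if minimum is None or parse_firmware(firmware) >= minimum:
        return "supported"
    return "firmware too old"


# Constructed sample inventory (name, firmware string); not real plant data.
SAMPLE_INVENTORY = [("S7-1200", "V4.10"), ("S7-1500F", "V1.8"),
                    ("CP 1545-1", "V1.0"), ("CP 1242-7 GPRS V2", "V2.1")]

if __name__ == "__main__":
    for device, fw in SAMPLE_INVENTORY:
        print(f"{device:20} {fw:8} {secure_ouc_status(device, fw)}")
```

Versions are compared as integer tuples, so V4.10 correctly ranks above V4.4, which a plain string comparison would get wrong.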
Public Key Infrastructure (PKI)
The attribute "secure" is used for the identification of communication mechanisms that are
based on a Public Key Infrastructure (PKI) (for example RFC 5280 for Internet X.509 Public
Key Infrastructure Certificate and Certificate Revocation List Profile). A Public Key
Infrastructure (PKI) is a system that can issue, distribute and check digital certificates. The
digital certificates issued are used in the PKI to secure computer-based communication. If a
PKI uses asymmetric key cryptography, the messages in a network can be digitally signed and
encrypted.
Components that you have configured in STEP 7 (TIA Portal) for secure communication use
an asymmetric key encryption scheme with a public key and a private key.
TLS (Transport Layer Security) is used as the encryption protocol. TLS is the
successor to the SSL (Secure Sockets Layer) protocol.
Function Manual, 05/2021, A5E03735815-AJ
Communication