System ResourcesMAXDNA b1

System Resources
User's Guide
277609 Rev. B1
Refer to this publication for complete and accurate information that helps you better operate and service Metso
Automation MAX Controls equipment. Your comments and suggestions are welcome.
Metso Automation MAX Controls, Inc.
1180 Church Road
Lansdale, PA 19446
Attention: Manager, Technical Publications
Copyright 2001, 2002 by Metso Automation MAX Controls Inc.

Printed in the United States of America
All Rights Reserved
Metso Automation MAX Controls Inc. 277609

Contents
PREFACE ........................................................................................................................... III
CHAPTER 1 ...................................................................................................................... 1-1
Setting up Application Environments at the maxSTATION.................................................................................. 1-1

Overview....................................................................................................................................................................1-1
maxSTATION Hardware Overview ......................................................................................................................1-1
maxSTATION Basics ........................................................................................................................................1-2
Physical Configuration.......................................................................................................................................1-2
Setting up a maxSTATION................................................................................................................................1-2
Network and Communications Architecture ......................................................................................................1-3
Setting up maxDNA Software................................................................................................................................1-4
Desktop Shortcuts and Program Menus .................................................................................................................1-6
maxSTATION Software Infrastructure..................................................................................................................1-7
Understanding Registry and Initialization (ini) Settings ........................................................................................1-8
Configuring Initialization Files ..........................................................................................................................1-8
Specifying Registry Settings ..............................................................................................................................1-8
Identifying System Resources ................................................................................................................................1-8
Understanding the DPUList.ini File...................................................................................................................1-9
Understanding the wks.ini File...........................................................................................................................1-9
Configuring Applications to Start up Automatically............................................................................................1-10
Logging on As an Administrator..........................................................................................................................1-11
Setting up maxSTATIONs with Individual Assignments.....................................................................................1-12
Viewing Alarms in a maxSTATION................................................................................................................1-12
Designating Alarm List Masters.......................................................................................................................1-13
Setting up Event Stations .................................................................................................................................1-14
CHAPTER 2 ...................................................................................................................... 2-1
Setting up Domains ..................................................................................................................................................... 2-1

Overview....................................................................................................................................................................2-1
Designing a Domain Topology ..............................................................................................................................2-3
Understanding Domain Addressing .......................................................................................................................2-5
Addressing Scheme ............................................................................................................................................2-6
Using the Domain Configurator to Set up Domains...............................................................................................2-7
Using Domain Filters .......................................................................................................................................2-11
What to Do after Editing Domain Configurator...............................................................................................2-12
Transferring the wks.ini File to all maxSTATIONs.........................................................................................2-12
Running the maxTRANSPORT Utility............................................................................................................2-12
maxPROXY Point Alias Feature..........................................................................................................................2-13
Assigning an alias for a point...........................................................................................................................2-13
Security ............................................................................................................................................................2-13

System Resources Users Guide
Restrictions...................................................................................................................................................... 2-13
Troubleshooting Domain Problems..................................................................................................................... 2-14
Using Transport Daemon to Check Communications ..................................................................................... 2-14
Checking on Points Using Point List Facility.................................................................................................. 2-15
RRS Connections ............................................................................................................................................ 2-16
CHAPTER 3.......................................................................................................................3-1
Setting up maxSTATION Password Security Using Security Edit......................................................................... 3-1

Overview................................................................................................................................................................... 3-1
Setting up Password Security ................................................................................................................................ 3-1
Modifying Security Level Passwords................................................................................................................ 3-2
Modifying Default Security for Engineers and Operators................................................................................. 3-2
Exporting and Importing Passwords and Default Logins .................................................................................. 3-2
Password Entry Checkbox................................................................................................................................. 3-3
CHAPTER 4.......................................................................................................................4-1
Configuring Security at the Process Level................................................................................................................ 4-1

Overview................................................................................................................................................................... 4-1
Configuring the Schemes Database....................................................................................................................... 4-1
Building a Security Database ................................................................................................................................ 4-2
Assigning Schemes and ASCs to Custom Blocks ............................................................................................. 4-3
maxSTATION Security Levels ............................................................................................................................. 4-3
Using Default Login.......................................................................................................................................... 4-5
Attribute Security Class (ASC) ............................................................................................................................. 4-6
Viewing Security Assignments Using Point Browser ....................................................................................... 4-7
Assigning Attribute Security Classes (ASCs) to Custom Blocks ...................................................................... 4-7
Reassigning Attribute Security Classes (ASCs): ............................................................................................... 4-8
Using Schemes ...................................................................................................................................................... 4-8
Assigning Schemes............................................................................................................................................ 4-9
Using Security Scheme Editor Utility ................................................................................................................. 4-10
Editing Security Definitions................................................................................................................................ 4-13
Editing Unique Names and Defining New ASCs and Schemes ...................................................................... 4-14
Viewing Security Settings Online in maxVUE Runtime ..................................................................................... 4-14
Intra-domain Security Issues ............................................................................................................................... 4-14
maxPROXY: Inter-domain Security Issues......................................................................................................... 4-15
Remote Server Security Issues ............................................................................................................................ 4-15
Process Security Logic........................................................................................................................................ 4-16
CHAPTER 5.......................................................................................................................5-1
Checking Configuration Limits Using the I/O Configurator .................................................................................. 5-1

Overview................................................................................................................................................................... 5-1
Understanding I/O Module Addressing Limitations ......................................................................................... 5-1
Creating a Configuration with BEMs................................................................................................................ 5-2
Factoring in Service Time Base ........................................................................................................................ 5-3
Specifying Software Versions ........................................................................................................................... 5-3
Creating an I/O Configuration Using the Configurator ......................................................................................... 5-3
Interpreting Percentage Bars ............................................................................................................................. 5-4
Creating an I/O Configuration........................................................................................................................... 5-5
Specifying an I/O Configuration with BEMs .................................................................................................... 5-6

Contents
Saving and Reloading a Saved Configuration........................................................................................................5-6

Creating an I/O Configurator Report .....................................................................................................................5-7
v
Preface
This publication, consisting of five chapters, was prepared to help you

identify and plan your system resource requirements in preparation for
system configuration.
Chapter 1 discusses the maxDNA software application platform and

maxSTATION, the human-machine interface on which applications may be
viewed or executed. Refer to this chapter to learn how to prepare software,
configure software to start up automatically when a maxSTATION is turned
on, and to configure maxSTATIONs with individual assignments.
Chapter 2 discusses network domains. A maxDNA system may use domains

to functionally divide a system into operational units. Refer to this chapter
for a discussion of domains, proxy servers, network topology, and how to set
up domains.
Chapter 3 discusses maxSTATION password security. Use the Security Edit

utility to change maxSTATION passwords at any level and to select default
security levels for operator and engineer groups.
Chapter 4 explains how to set up security at the process level. Process

Security addresses the issue of who can write to what. Essentially, process
level security controls a write action to a Software Backplane ID. It is the
DPU that ultimately determines whether to grant or deny a write request.
The decision is based on a security scheme that relates the security level of
the source station that made the request to the security attributes of the target
Id (service.attribute). A service is an Atomic Block or Custom Block.
Chapter 5 explains how to use the I/O Configurator tool, a utility that makes
it easier to estimate I/O module requirements taking into account system
limitations.

Chapter 1
Setting up Application Environments

at the maxSTATION
Overview
Use the maxSTATION to prepare software applications and organize your
system resources. A maxDNA distributed control system is segmented by
domains, consisting of workstations and DPUs. See Chapter 2, Setting up
Domains. Refer to this chapter to become acquainted with the maxDNA
software application environment and its hardware platform, the
maxSTATION.
maxSTATIONs are normally delivered with preloaded software. The

software included with a specific maxSTATION may depend on how the
maxSTATION is to be used.
This chapter explains
q How maxDNA software is organized as viewed in Windows Explorer
q How software should be prepared (initialization files and maxDNA

registry settings)
q How to configure specific applications to start up automatically when a

maxSTATION is turned on
q How to give maxSTATIONs individual application assignments
maxSTATION Hardware Overview

A maxDNA distributed control system consists of various quantities of the
following hardware components that make up its resources:
maxSTATIONs providing the human interface with the system.

Remote Processing Units (RPU) consisting of Distributed Processing
Units (DPUs) and I/O Modules, which provide control and data
acquisition capabilities.
maxNET, a redundant Ethernet network, which interconnects
maxSTATIONs and DPUs.

System Resources User's Guide
maxSTATION Basics
maxSTATION, an Intel Pentium-series workstation, running either
Microsoft Windows NT or 2000 operating system, is a high-performance
workstation outfitted with a high capacity hard drive, color monitor,
engineering or operator keyboard, mouse or track ball, and CD-ROM for
loading maxDNA application software.
The Windows video display is called the desktop. Icons representing files,
folders or programs may be placed on the desktop. A window is opened
for each individual program (often called an application) that is executed.
Multiple windows can be open simultaneously, be moved and resized, as
desired.
Physical Configuration
maxSTATION components, normally located in a control room, can be
packaged in either a cabinet, a work desk, or a combination of both.
Normally, RPU cabinets are located close to the processes they are
monitoring and controlling.
Setting up a maxSTATION
A maxSTATION may be set up as an:
Operators Workstation
Engineers Workstation
Dedicated Function
The Operators Workstation uses maxVUE graphical interface software to

provide a graphical view of the process. The software uses both standard and
custom displays.
The Engineers Workstation is used for creating and maintaining

configurations and process control documentation using the maxTOOLS4E
configuration management software. It is also used to create and maintain
custom graphic displays using the maxVUE graphics editor software.
In addition to these functions, maxSTATIONs may be dedicated to a primary

application or function. For instance, maxSTATIONs may be set up to
collect and manage process and system alarms, process and event history,
archive history, or log history reports, using various maxDNA applications.
In network domains, maxSTATIONs may also be configured as proxy

servers. See Chapter 3. For OPC applications, a maxSTATION may be used
as an OPC server. See Publication 277607, OPC Server and Client Users
Guide.
1-2 Metso Automation MAX Controls Inc. 277609

Setting up Application Environments at the maxSTATION
To better manage maxSTATION processing loads and to reduce network

traffic, individual maxSTATIONs could be configured for the following
specific functions:
q Alarms q Communications (maxLINKS)

q Event collection q Proxy server
q Event logging q OPC server
q History reports q Quick Log server
q History collection q Remote SBP
(maxSTORIAN)
See Setting up maxSTATIONs with Individual Assignments, later in this

chapter.
Network and Communications Architecture

maxDNA uses a client/server architecture. Simply put, providers supply data
to clients using the Software Backplane distributed communications
infrastructure software. The DPU4E is a primary data provider for system
clients. In earlier systems using DPU4A and DPU4Bs, the DPU Bus Module
(DBM) is a primary data provider.
Most maxDNA applications, such as maxVUE and maxTOOLS4E, are

clients accessing providers for data; however, applications, such as
maxSTORIAN, could play the role of provider as well as client. The
maxSTORIAN package gathers historic trend data and provides it to clients
such as maxVUE and the History Reports utility.
The DPU4E, acting as a server, collects information, stores it, and ultimately
transfers the information to the appropriate maxSTATION clients. The
collected data is comprised of alarm, event, trend, historical, and general
point information.
The SBP software suite includes the following core applications:
maxRRS - Registration and Routing (RRS), which connects clients with

providers of information. Providers register information on the software
backplane. Clients read, write and subscribe to that information through
the software backplane.
maxLSS - Local Status Server (LSS), which provides maxSTATION

housekeeping functions, such as storage for other processes (for example,
the last display and selected point for maxVUE) and a set of simulation
functions.
Real Time Gateway (RTG), required with systems using DPU Bus Modules,
provides an interface between the DBM and the software backplane. The
RTG provides immediate data, trend data, alarm data, and more.
Metso Automation MAX Controls Inc. 277609 1-3

maxSTATIONs and DPU4E communicate with one another via maxNET.

The maxNET Network is a fully redundant 10/100 Mb per second Ethernet
network using industry standard TCP/IP protocol for communications
between Workstation clients and servers.
Setting up maxDNA Software

maxSTATION hardware is delivered with preloaded software per specific
customer order. Many maxDNA applications feature associated initialization
files and registry entries, making it possible to customize the application to
meet your specific requirements. In most instances, however, you may
accept the applications default settings.
To prepare software, you may need to perform any or all of the following:
Set up associated ini (initialization) files

Configure associated registry entries
Add applications to the maxSTATION startup program to start the
software automatically when a maxSTATION is booted.
Some maxDNA software, such as the Software Backplane suite, must be

installed on all maxSTATIONs. Other maxDNA applications are optional
depending on your requirements. The following software applications may
be installed on one or more maxSTATIONs:
Software Backplane Suite (see Network and Communications

Architecture.)
maxRRS Registration and Routing (RRS)

maxLSS Local Status Server (LSS
Real Time Gateway (RTG) provides interface between the DBM and software
backplane; DBM-based systems only
maxTRANSPORT inter-station communications
maxINIT Make a repeatable series of software backplane
operations
Configuration
maxTOOLS4E Configuration tools for DPU4E

Graphical Configurator Document and print graphical representations of
point database
General Utilities
Alarm annunciation Add audible signals to maxSTATION to indicate

alarms

MaxMergeAlm.exe Produce a merged alarm list derived from multiple

sources
Events utility Collect, store, and log alarms and events

I/O Configuration and Test Test hardware using simulated point database
MAXDDE Exchange live data between applications
Registry Editor Edit maxDNA software registry settings
Point Picker Select and write point and HID text to any text box
QuickLogs Basic report generation package
Stable Time Permits a maxSTATION outfitted with stable time
card to assume time mastership of a maxDNA
system
TestSBP Debugger and diagnostic tool
Transfer Points Tool create a database of points to be shared among
DPUs connected to different DPU buses or maxNET
networks
Utilities forDPU4E systems only
Point Browser view and edit a DPU4E point database online
HealthLog monitor health of DPUs in your system
Bad Point Reference flag bad references in point database
Download FreezeCheck unfreeze outputs after a download
MaxMergeDpuAlm.exe produce a merged alarm list derived from multiple
DPUs
maxPROXY.exe runs when a workstation is configured as a proxy
server
TimeSync use to set up system time masters per domain
Security
MCS Security Edit set up password security

MCSSecurity
Schemes Editor create a security scheme database
Domain Configuration
Domain Configurator create domains

Screen Design
maxVUE Editor graphical user interface software which includes the

following:
q maxVUE Runtime
q Screen Programming (Hidden Logic)
q maxSCRIPT; simple language to customize maxVUE displays

History Collection
maxSTORIAN Historian and reporting package

History Reports
Reports Package Create and generate history reports

Miscellaneous
maxLINKS Package containing a set of interfaces to other

systems
OPC server Provides a standard way to supply data from a
maxDNA data source to any client application
Remote SBP Provides the ability to monitor a maxDNA system
from a remote location by connecting into a selected
workstation via a modem or LAN connection
maxCALCS Package to build calculations
maxAPPS Application development tool kit
Desktop Shortcuts and Program Menus

Most of these applications may be conveniently accessed using Windows
desktop shortcut icons and maxSTATION menus.
To access maxDNA program menus:
Click the Start button on the Task Bar, point to Programs and maxDNA to
access maxDNA software or to see additional menus for utility programs,
accessible from separate menus.

maxSTATION Software Infrastructure

Desktop and menu references are linked to executable programs that may be
accessed directly from Windows Explorer directories. The maxSTATION
file organization is divided into two separate directory trees called MCS and
Custom; one is for MCS use and the other for end user use.
The most current maxDNA software, software upgrades, and associated

setup files are located in the MCS tree directory.
Use the folders organized under Custom to store maxDNA applications

containing your own custom settings and files. Consider the Custom
directory to be a safe place to store and preserve custom settings, point
configurations, custom displays, and databases.
When Metso Automation MAX Controls releases new software and

upgrades, only software located in the MCS folders are affected. Any work
stored in Custom is preserved.
In addition to programs, folders under Custom typically contain:
Initialization (.ini) files associated with applications with your own

custom settings. (many located in Custom\SBP)
Database files generated by various applications (located in
Custom\Database)
maxTOOLS4E point configuration databases (located in
Custom\Configs)
maxVUE Custom displays (located in Custom\Displays)
maxVUE OCX controls (located in Custom\Controls)
Utility programs and associated initialization files (located in
Custom\SBP)
History Reports (located in Custom\History)

Understanding Registry and Initialization (ini) Settings

A number of maxDNA programs (particularly utilities) have associated
Registry entries and ini files containing default settings. These settings may
be changed to meet specific requirements.
Configuring Initialization Files

Initialization files are typically text files containing settable options to
change the way a software program behaves or to activate optional features.
For example, software modules available with the Events package have
associated .ini files. The Event Collector .ini file, EvtColl.Ini, specifies the
names of the event providers that you want to include and other parameters.
Such files are read by the maxSTATION startup program when it is first
initialized. See Configuring Applications to Start up Automatically, later
in this chapter:
Specifying Registry Settings

The Metso Automation MAX Controls Registry is a database containing the
default settings for maxDNA operating system and application-related
software. The Registry, a subset of the Windows registry, is divided into two
sections, user settings and machine settings. Using the Registry Editor tool,
you may customize the settings contained in these two areas.
The machine settings area of the Registry contains default settings for
several maxDNA applications listed in Publication 277594 Auxiliary
Functions User's Guide. Changes made in machine settings for software
installed on a specific maxSTATION remain in place and are applied
globally regardless of user and associated user logon name.
Changes made in the user settings area are associated with a specific user
and user logon name. Settings in the user setting part of the registry database
are organized by software application:
maxVUE
maxTOOLS
Software backplane
Identifying System Resources

Two initialization files, stored in C:\Custom\Database, have special system-
wide importance: the following files are used to identify DPU and
workstation resources to other applications or to the network.
DPUList.ini
wks.ini

Understanding the DPUList.ini File

DPUList.ini is a text file containing the names and IP addresses of all the
DPUs available in your system including virtual DPUs. A DPUList.ini file
should be created for each domain in your system.
This file is referenced by a number of maxDNA applications that need to

identify available DPUs in a system.
Point Browser Uses it to create the tree selection of the listed DPUs.
Healthlog Uses it to provide status of the listed DPUs.
DPUAlarms Uses it to get alarms from the listed DPUs.
DPUEvents Uses it to get events from the listed DPUs.
TimeSync Uses it to determine which DPUs to check time error and allow
time set/sync.
MaxTOOLS4E Uses it to look up the IP address for a given DPU name and
determine if the name references a stand-alone or backup pair
of DPUs. Also used to determine which DPUs get the security
database download if all is selected. Writes to DPUList.ini to
add a new DPU if user requests it.
Database The scope of DPUs from which to get the summaries
Summaries
Download Freeze The list of DPUs available to unfreeze
Check
Find Bad Reference The list of DPUs for checking bad references
MaxTRANSPORT Pre-registers the IP address of the available DPUs.(at this point
it does not pre-register the DPU name).
MaxPROXY Uses it to determine if a data request is directly from a DPU
and allows an extra proxy hop. (normally a proxy will not
forward a request for data to another proxy) .
I/O Inventory List of DPUs available to check list and current state of their
I/O.
DPU Atom List List of DPUs available from which you can get a summary of
(diagnostic utility) atoms by time class.
Understanding the wks.ini File

wks.ini is a text file listing domain names and workstation names and IP
addresses and the domains these stations may access. An identical copy of
this file should be distributed to each workstation in your system. Only one
file is used for an entire system. See Chapter 2. The file is stored in
C:\Custom\Database\Wks.ini file.

Configuring Applications to Start up Automatically

After you log onto a maxSTATION as either user Engineer or Operator, a
startup program, Startup.exe, launches a startup window and automatically
starts up the underlying system and software backplane logic.
When this program is started, it reads the two startup.ini files. These text
files contain a list of maxDNA applications that you want the startup
program to launch automatically each time the maxSTATION containing the
startup.ini files is booted.
The startup.ini files may also contain a list of initialization files associated
with specific applications. These files may contain special custom settings
that the startup program reads and puts into effect when the maxSTATION
boots.
A maxSTATION contains two separate startup.ini files located in the

Custom directory tree and the MCS directory tree, respectively. The
startup.ini file placed in the MCS directory contains standard startup
settings. Use the startup.ini file placed in the Custom directory to activate
custom settings. When the maxSTATION starts up, the startup program first
reads the startup.ini file stored under MCS\Sbp and then reads the startup.ini
file placed under Custom\Sbp.
The following startup.ini file shows a standard file placed in C:\MCS\SBP

set up to auto start required applications, such as the Software Backplane
suite, the registry program, and so forth. To activate other maxDNA
applications, remove the semicolon character (;) from the beginning of a line
listing the desired application.
; Startup.ini for DPU4e & DBM (MCS Main startup file)
; This is the file of programs to be started up
; comments begin with a ;
; <delay>,<path>,<title>,<args>
;
; <delay> - time in seconds to delay before startup
; <path> - full path to program to start
; <title> - windows title to find the project to minimize and
; some day kill it
; <args> - program arguments (if any)
;
0, c:\MCS\Setup\MCSRegEdit.exe, MCS Registry Editor, /SILENT
0, c:\MCS\Sbp\maxRRS.exe, maxRRS
w, c:\MCS\Sbp\maxLSS.exe, maxDNA Local Status Server
w, c:\MCS\Sbp\maxINIT.exe, maxINIT
;0, c:\MCS\Sbp\RealTimeGateway.exe, MCS Real Time Gateway, /SECURITY
0, c:\mcs\sbp\maxPROXY.exe, maxPROXY - InterDomain Proxy Server
2, c:\MCS\Sbp\maxMERGEDPUALM.exe, maxMERGEDPUALM
8, c:\MCS\Sbp\maxMERGEALM.exe, maxMERGEALM
0, c:\MCS\Sbp\maxTRANSPORT.exe, maxDNA Transport Daemon
;3, c:\MCS\Sbp\Xfertool.exe, Xfertool (No Window), /SILENT
;0, c:\MCS\Sbp\AnnunTask.exe, Annunciator Task, /LSS_ONLY
;4, c:\MCS\Sbp\AnnSetup.exe, Alarm Annunciation Setup, /SILENT
0, c:\MCS\Sbp\EventRuntime.exe, EventRuntime
0, c:\MCS\Sbp\PointPicker.exe, MCS Point Picker
;
;0, c:\MCS\Report\maxHISREPSVR.exe, max History Reports Server - Settings, /Delay=60

0, c:\MCS\Sbp\EvtCollector.exe, EvtCollector
0, c:\MCS\Sbp\DpuEvents.exe, DpuEvents
1, c:\MCS\Sbp\EvtLogger.exe, EvtLogger - EvtLogger.ini, /EvtLogger.ini
;
; The following lines startup the maxSTORIAN. It requires special dongle licencing.
; These lines should be moved to C:\custom\sbp\startup.ini since this file will be
; overwritten during the next update and any changes made to it will be lost.
;
;1, C:\MCS\SBP\MINICONF.EXE, MiniConf, c:\MxsStorageRoom\Configurations\LSSaddSvc.txt
;5, c:\mcs\history\maxSTORIAN.exe, maxSTORIAN
;
; Uncomment one of the following lines depending on the type of maxSTORIAN
;
;w, C:\MCS\SBP\MINICONF.EXE, MiniConf, c:\MxsStorageRoom\Configurations\StandAlone.txt
;w, C:\MCS\SBP\MINICONF.EXE, MiniConf, c:\MxsStorageRoom\Configurations\Primary.txt
;w, C:\MCS\SBP\MINICONF.EXE, MiniConf, c:\MxsStorageRoom\Configurations\Secondary.txt
Logging on As an Administrator
To perform many basic maxSTATION setup functions, such as creating
passwords, configuring process security, setting up domains, and so forth,
you must be recognized by the system as a user with administrative
privileges.
Windows recognizes different user account classes. These classes include

Administrators, Guests, and Users, as well as operators. Each of the classes
has different privileges. When new user accounts are created, they are
assigned to one or more groups, which control the privileges of that account.
Each account has a password that allows access to the computer functions
under the Windows operating system.
Each account has a profile that maintains information about the desktop for
that account. These profiles contain information about what icons should
appear on the desktop and what programs should be accessible from the Start
menu, in addition to other information.
Two default accounts are always available in Windows: administrator and

guest. The administrator account is used for administration purposes,
including user administration, hardware and software administration, and
diagnostic testing. Guest account is a general-purpose account that allows
persons who do not have an account on the machine to use it with limited
privileges.
To log on as an Administrator:
1. Turn on the computer and monitor, if they are not already turned on.
When you turn the computer on, it goes through its normal boot up
routines. When the computer finishes its start up procedures, the
Windows Auto Logon Dialog appears.
2. Press the <Ctrl + Alt + Delete> keys to open the Logon Dialog.

3. Click the administrator icon, enter the administrator password, and

click the Logon button.
Setting up maxSTATIONs with Individual Assignments

To balance processing loads, it is recommended that you select specific
maxSTATIONs for various control room assignments, such as alarm
masters, event stations, maxSTORIAN stations, and so forth. Assignments
are normally set up on maxSTATIONs configured as Operator Stations.
To further balance processing loads, maxSTATION assignments may be

distributed by domain. For instance, each domain may have alarm masters,
event collectors, event loggers, and so forth.
For critical control room applications, such as alarm and event monitoring,
alarm annunciation, etc, select two stations for each application in the event
one or the other station should fail.
Note: alarm annunciator instances must have direct access to domains to

generate audible alarms. Workstations set up for alarm annunciation cannot
go through proxy servers. Should a workstation be set up this way, the
annunciator will not sound for any domain access through a proxy.
Viewing Alarms in a maxSTATION

To view alarms in a maxSTATION environment, two OCX controls and
several other alarm-related programs need to be set up.
In the maxVUE Editor, use the Alarm List Control and Alarm Summary
Control to configure alarm displays which operators may view in maxVUE
Runtime. These are viewable from multiple maxSTATIONs.
Because the Alarm List typically appears in any number of maxSTATIONs,

it is recommended that you establish one or two maxSTATIONs as Alarm
List Servers to reduce network traffic. Only these stations will collect the
Alarm Lists from the active DPU4E DPMSs. All other maxSTATIONs will
go to these servers for Alarm Lists. Use the Registry Editor entry to
designate which maxSTATIONs should be servers.
Two programs, MaxMergeDpuAlm.exe (for DPU4E systems only), and

MaxMergeAlm.exe, produce a merged alarm list derived from multiple
DPU4Es or DBMs. To activate these programs, you must configure the
MergeAlm.ini file and edit the \mcs\sbp\Startup.ini file to include the
MaxMergeDpuAlm.exe and MaxMergeAlm.exe programs.
To set up maxSTATIONs as alarm masters:

Copy the MergeAlm.ini file from Mcs\sbp to Custom\Sbp. Edit the file and
enter the desired alarm providers (See comments in the ini file). The line
PROVIDER = DPU4E is needed for the maxSTATION to get DPU4E
alarms. The MaxMergeAlm program during startup reads the MergeAlm.ini
file.
The MaxMergeDpuAlm program references the DPUlist.ini file to learn the

names of DPUs with which to communicate. Make sure the appropriate DPU
names and IP addresses are provided in the DPUlist.ini file.
Edit the \mcs\sbp\Startup.ini file. Make sure that the MaxMergeDpuAlm.exe

and MaxMergeAlm.exe programs are not commented out. The NODBM
option is not needed for MaxMergeAlm.
See the following example of a startup.ini file that starts the necessary
alarming programs and also collects events from DPU4Es. Note the delay
times.
0, c:\MCS\Setup\MCSRegEdit.exe, MCS Registry Editor, /SILENT
0, c:\MCS\Sbp\maxRRS.exe, maxRRS
w, c:\MCS\Sbp\maxLSS.exe, maxDNA Local Status Server
w, c:\MCS\Sbp\maxINIT.exe, maxINIT
;0, c:\MCS\Sbp\RealTimeGateway.exe, MCS Real Time Gateway, /SECURITY
0, c:\mcs\sbp\maxPROXY.exe, maxPROXY - InterDomain Proxy Server
2, c:\MCS\Sbp\maxMERGEDPUALM.exe, maxMERGEDPUALM
8, c:\MCS\Sbp\maxMERGEALM.exe, maxMERGEALM
0, c:\MCS\Sbp\maxTRANSPORT.exe, maxDNA Transport Daemon
;3, c:\MCS\Sbp\Xfertool.exe, Xfertool (No Window), /SILENT
;0, c:\MCS\Sbp\AnnunTask.exe, Annunciator Task, /LSS_ONLY
;4, c:\MCS\Sbp\AnnSetup.exe, Alarm Annunciation Setup, /SILENT
0, c:\MCS\Sbp\EventRuntime.exe, EventRuntime
0, c:\MCS\Sbp\PointPicker.exe, MCS Point Picker
;
;0, c:\MCS\Report\maxHISREPSVR.exe, max History Reports Server - Settings,
/Delay=60
0, c:\MCS\Sbp\EvtCollector.exe, EvtCollector
0, c:\MCS\Sbp\DpuEvents.exe, DpuEvents
1, c:\MCS\Sbp\EvtLogger.exe, EvtLogger - EvtLogger.ini, /EvtLogger.ini
Designating Alarm List Masters

Select one or two maxSTATIONs on your system as alarm list masters.
Your system must have at least one.
To make a station an alarm list master:
1. Click the Start button, point to Programs, maxDNA, Utilities, and then
click MCS Registry Edit to open the registry editor dialog box.
2. The registry editor dialog contains two tabs, user settings and machine
settings. Click the machine settings tab.
3. Expand the folder in the left directory window, locate and click on the
entry DPU Alarm List Server from the expanded list.

4. When you select this entry, a data entry field appears on the right
containing the current setting. Set this to Yes. This value should be set to
No for non-alarm-list-master stations.
5. Click Apply and OK to make the change and exit from the Registry
Editor.
6. Stop the station and restart the station from the startup program so that
the alarming programs see this registry change.
Setting up Event Stations

Pick two maxSTATIONs in your system to be event collector stations. They
could be the same stations that are alarm masters or any other stations.
To activate the Events Package, the path names for each component must be
added to the startup program in each maxSTATION. Additionally, you must
configure the initialization files for the Event Collector, Event Server, and
Event Logger. If you intend to log different events to multiple printers, you
need to create multiple instances of the Event Logger initialization file,
called EvtLogger.Ini. See Publication 277594, maxSTATION Auxiliary
Functions, a Users Guide, Chapter 2, "Understanding the Event Collector,"
"Understanding the Event Server, and "Activating the Events Package."
To set up maxSTATIONs as annunciators, see Publication 277594,

maxSTATION Auxiliary Functions, a Users Guide, Chapter 1. To generate
reports using QuickLogs, see Publication 277594, maxSTATION Auxiliary
Functions, a Users Guide, Chapter 8. To set up a history reports server, see
Publication 277583, History Reports Users Guide. To set up a station for
history collection using maxSTORIAN, see Publication 277622,
maxSTORIAN Users Guide.

Chapter 2
Setting up Domains
Overview
Use domains in a maxDNA system to functionally divide a system into
operational units. A domain typically contains a group of DPU4Es and
workstations that are engineered, maintained, and operated independently
from equipment in other domains. For example, in an electric generating
plant the control for each generating unit could be configured in a separate
domain. In addition, there may be common equipment shared by two
generators resulting in a third domain.
While items such as live data and historical trends can be retrieved from
other domains, many of the overhead functions would normally be
performed within the domain. For example, database configuration, alarm
management, event collection and logging, time synchronization, and
diagnostic maintenance are functions that are typically restricted to a
domain.
Note: Accurate Sequence of Events (SOE) time synchronization only

operates within a domain, not across domains.
System size is another factor to consider when deciding to implement

domains. If yours is a particularly large system domains could help to
reduce the network traffic within the system. This would be an extremely
rare case where there are more than 30 to 40 DPU4Es in one functional unit.
Consult the factory for the best way to configure this type of system.
Up to 31 independent domains may be configured. Domains 1 to 15 are

primary domains, while domains 16 through 31 are auxiliary domains. A
DPU4E may be assigned to any primary domain from 1 to 15 (actually set as
hexadecimal 0-9,a,b,c,d,e,f). A DPU is assigned to one and only one domain
by the first address switch on the DPU4E chassis. A Workstation may be
assigned to any domain from 1 to 31 and can belong to more than one
domain.
Domains 16 through 31 may contain workstations, but may not contain a

DPU. Workstations assigned to domains with no DPU4E can be configured
to communicate with workstations in other domains that have direct access
to a DPU. Workstations that provide other workstations with DPU4E or
DBM point access are called proxy servers.

When a workstation is selected as a proxy, the utility maxPROXY.exe is

launched when the station starts up and a maxPROXY icon is placed in the
system tray area to indicate a proxy server is running. Click on this icon to
view a dialog showing proxy activity per DPU.
To make the domain concept possible, each device placed in a domain is

assigned an address designating which domain it is assigned to. When a
DPU monitors messaging traffic, it reads the address of the device sending
the message and the address of the target station. If the addresses do not
match the addresses of devices within its domain, it ignores the message.
The DPU only responds to messages for devices assigned to its domain.
To define domains and assign workstations to specific domains, you will use
a utility called Domain Configurator. As you define domains and make
domain assignments, the utility, in the background, automatically defines
domain addresses and creates a text file, wks.ini, listing domain names and
workstation addresses and the domains these addresses may access. The file
is stored in C:\Custom\Database\Wks.ini file.
A typical wks.ini file created by the Domain Configurator looks like the
following:
; C:\Custom\Database\Wks.ini file
; _______________________________
;
; This File should be identical on all workstations
;
;Domains
;
DOMAIN 4: ALMGEN3, *.*
;
;Stations
;
[172.16.160.4]MCSNT55,, 4
[172.16.160.35]VALIDAT1,, 4
[172.16.160.36]VALIDAT2,, 4
[172.16.160.55]VALIDAT3,, 4
[172.16.160.56]VALIDAT4,, 4
[172.16.160.60]VALIDAT5,, 4
;
To complete the domain configuration process:
1. Copy wks.ini file from the maxSTATION with the master file to each of
your maxSTATIONs.
2. While logged on as user Administrator, execute maxTRANSPORT at

each of the maxSTATIONs, including the one where you ran the
Domain Configurator, to make the changes go into effect.
3. Reboot each maxSTATION.
Important: make sure all your maxSTATIONs have the same wks.ini.

Setting up Domains
Designing a Domain Topology

Use domains to segment your system in a way that makes best use of your
resources. In a large process control environment, a system may be
segmented by physical plant units. In a power generating station, for
instance, a domain may represent a single unit.
The following diagram represents a network topology using three primary

domains. Units 1 and 2 are each assigned their own domain. In addition,
Units 1 and 2 may share a third domain called Unit Common/
Figure 2-1. This illustration depicts three primary domains. Domains 1 and 2 share a common domain.
This diagram represents how a system with two units plus a unit common
might be configured. The system is set up with three domains representing
each of the two units plus one more for the unit common.
The DPUs in Unit1 can only communicate directly with the workstations in
Unit1. Likewise the DPUs in Unit2 can only communicate directly with
workstations in Unit2. The DPUs in common however can communicate
with workstations in Unit1, Unit2 and UNIT Common. This is because the

workstations in Unit1 and Unit2 were configured to be members of both

their own UNIT and the common domain.
Notice that the three virtual SBP lines (three dark lines in the middle of
Figure 2-1) are each assigned a number used to set IP addresses on the
DPUs.
DPUs never write and are given automatic access to all direct connect
domains of the workstations within their own domain that have proxy
servers running. This means that DPUs in Unit1 will have access to data in
UNIT Common but not Unit2. Since there are two proxy servers in each
domain, the proxies are redundant.
As discussed earlier in this chapter, a multi-domain configuration may

consist of primary domains (domains 1 to 15), which contain DPUs and
workstations, and auxiliary domains (domains 16 to 31), which contain
workstations but no DPUs.
Figure 2-2. In this illustration, primary domains 1 and 2 share a third common primary domain. In addition,
auxiliary domains 20 and 21 may access the other primary domains via proxy servers.
Figure 2-2 shows a configuration consisting of primary domains and

auxiliary domains. The following figure is identical to Figure 2-1, but with
the addition of domains 20 and 21. These domains fall within the auxiliary

Setting up Domains
range and contain only workstations that may access the information
contained within all the DPUs in a system by going through proxy servers. In
this example, workstations contained in these auxiliary domains are to be
used as supervisory stations that may read data but have no write privileges.
The Domain Configurator establishes these workstations as having indirect,
read only access to the primary domain.
As demonstrated in the illustration, these supervisory stations can be

dynamically redirected to either unit one or two and even contain overview
displays showing both units assuming that filters were in place for the
directed requests.
Understanding Domain Addressing

Domains are implemented using the addressing capabilities of maxNET. The
purpose of these addresses is to segment traffic to protect DPUs from
excessive messaging. Most of the details are set up using the Domain
Configurator.
Workstations and DPUs communicate with one another using maxNET.

maxNET, a dual, ultra high speed Ethernet based network, forms a backbone
to link intelligent processors, which provide control, communications, data
acquisition, and the human machine interface (HMI).
In addition to Ethernet, the network uses UDP/IP, a networking protocol

considered ideal for multiple network environments.
UDP/IP is the basis for communications on the Internet. A station on the

Ethernet is identified by an IP address. The IP address consists of four
numbers separated by periods. For example:
207.46.230.229 - corresponds to www.microsoft.com
You don't normally see the IP address because a Name Server (DNS) looks
up the address for you, but it is there.
Each permanent machine on the Internet is assigned an IP number. There are

special numbers that are not routed to a specific machine, but are intended
for use on local networks. These addresses are called non-routable. Metso
Automation MAX Controls uses the following address ranges for
Workstations and DPUs:
172.16.xx.xx
172.17.xx.xx
Where:

16 is reserved for the A network and 17 for the B network of the redundant
maxNET.
As a special characteristic, these addresses will not be passed through

routers. As such, there can be no leaks or conflicts with the Internet.
Addressing Scheme
Any DPU4E has two maxNET addresses (actually three if you count the
backup port):
172.16.0D.XX 172.17.0D.XX
Where D is the domain number 1 to 15 and XX is the DPU station address

from 2 to 253.
Workstations, on the other hand, can have many different secondary

addresses (one for each domain that they are a member of) as set up by the
Domain Configurator. Their primary address is set up via the network
control applet in Windows Administrator mode when the station is
initialized, or updated. The following represent workstation primary address
ranges:
172.16.160.01 - 172.16.160.254 maxNET A Ethernet Card
172.17.160.01 - 172.17.160.254 maxNET B Ethernet Card
Note that the Workstation number on a site must be unique (1 - 254). Use the
Domain Configurator to program which additional channels (domains) the
workstation is tuned to. These addresses are setup by the maxTRANSPORT
program when run in Administrator mode. maxTRANSPORT sets up
addresses in the range:
172.16.160+domain.01 - 172.16.160+domain.254 maxNET A Ethernet

card
172.17.160+domain.01 - 172.16.160+domain.254 maxNET B Ethernet

card
For example, Workstation 10 has access to domain 2. It will have the

following Ethernet addresses:
Cable A
172.16.160.10 - primary address 172.16.162.10 - domain 2 secondary

address
Cable B

Setting up Domains
172.17.160.10 - primary address 172.17.162.10 - domain 2 secondary

address
Secondary addresses are setup automatically by the Domain Configurator

and maxTRANSPORT programs.
In summary, observe the following steps to set up domain addressing:
1. Establish a domain number based on the first address switch of your

DPUs. Check by looking in your existing DPUlist.ini file, located in
c:\custom\database. For Network A, a DPU uses the following address
scheme:
172.16.D.xx, where D is the domain number.
2. Assign all workstations a unique number (the last octet of the IP address)
1 to 254.
3. While logged in as administrator, configure workstations to

172.16.160.xx (their unique number), using the network applet of the
Windows Control Panel.
Run the Domain Configurator to define the domains and the

workstations assigned to the domains.
4. While you are logged on as Administrator, execute maxTRANSPORT to

change the IP addresses of a Workstation to those required for
communication with the domain you have defined.
Using the Domain Configurator to Set up Domains

Use the Domain Configurator to:
designate the domain(s) that your system has,

list each of the maxSTATIONs in your system,
Designate which domain(s) each maxSTATION belongs to and the type
of access it has.
Warning you must use the Domain Configurator to create at least one
domain. If you do not set up at least one domain:
You may not be able to access your DPUs,

maxSTATIONs will not be able to export points to one another.
The output of the Domain Configurator is a text file called wks.ini, located
in c:\custom\database. This file is used at each maxSTATION, in
conjunction with maxTRANSPORT, to set up the proper IP addresses for

each maxSTATION, and to enable maxTRANSPORT, when the Software

Backplane is running, to see the other maxSTATIONs in a system.
Warning editing this file directly may cause system communications

problems.
To invoke the Domain Configurator:
Log on as Administrator, click the Start button on the Task Bar, point to
Programs, MAX Administrator Tools and click Domain Configurator to
open the MAX Domain Configure Dialog.
The dialog contains two tabs, Domain and Work Stations. First, use the
Domain tab to define the domains in your system. Then use the Work
Stations tab to assign workstations in your system to one or more domains
and to set up proxy servers.
To configure domains:
1. Open the Domain Configurator dialog to the Domains tab and enter the
name of each domain you intend to establish in the appropriate fields
under Domain.
A domain name is an alphanumeric string with no embedded spaces. The

underscore character is also valid in a domain name.
2. In the Domain Number field, enter a domain number. Click the down
arrow to select a domain number from a drop-down list box. When you

Setting up Domains
click the arrow, a list of the available domain numbers will drop down.
Do not attempt to enter the number directly in the field.
3. Check the Has DPU checkbox if the specified domain contains DPUs.
The checkbox should be unchecked when workstations in that domain
are going to get their data through proxy servers.
4. Filters If tagnames are unique in each domain, then tagname filters can
be part of the filter set. If not, then just station name filters can be used.
Filters can contain wild cards of "*" for 0-N characters or "?" for a
single character match. Filters are applied from left to right. The default
is *.*.
The filters are used only if the tagname requested is not currently registered
in the local RRS (uploaded from DPUs or workstations that are defined for
direct access). For more details see Using Domain Filters in the following
section.
To configure workstations:
1. Click the Work Stations tab to open the following dialog:
2. In the Work Station field, enter the name of each workstation that exists in
your system. The name is the same name configured under Identification in
Networks in Control Panel.
3. In the Station Number field, just beneath the Work Station field, enter the
last octet of the IP address of that maxSTATION. For example, if the
stations IP address is 1.72.16.160.20, then enter 20 in the Station Number.

4. Check the Run Proxy checkbox to make the associated workstation a proxy
server. A proxy server provides to other stations (outside the domain in
which the proxy server resides) access to its resources.
Note: If the domain is to have a proxy server, then if possible, assign two
maxSTATIONs to be proxy servers. This provides redundancy in the event
that one should fail.
5. In the Domains and Access fields, specify which domain(s) this station is a
member of. Select configured domains (shown by domain number and name)
from the pull-down box.
6. To the left of each Domain and Access field that contains a station name is a
small button. Click on this button to open the Select Access pop-up. Click
one of the four radio buttons to configure access privileges for the associated
station.
When you select an access privilege, the button next to the Domain and
Access field bears a single letter character corresponding to the access
privilege you selected. For instance, if you select direct read/write access,
the letter D appears on the button face.
Click the Copy and Paste buttons to copy and paste a stations information
to easily create stations with like properties.
Click the Sort Names button to perform an alphanumeric sort for all entered
workstation names.
When you are finished editing the Domain Configurator, select one of three
save and exit options available as button choices at the bottom right of the
dialog.
Click the Check and Save button to perform a check of the entries that you
have made to date. The Domain Configurator then updates the wks.ini file.
Click the Quit and Discard button to cancel all of the edits that you made
since the last save, and exit the program.
Click the Exit and Save to save all of your edits to date and exit the
program.

Setting up Domains
When you have completed and saved all your edits, the Domain
Configurator creates a Wks.ini file, which it stores at
C:\Custom\Database\Wks.ini file. Here is an example wks.ini file created by
the Domain Configurator from the above example:
; C:\Custom\Database\Wks.ini file
; _______________________________
;
; This File should be identical on all workstations
;
;Domains
;
DOMAIN 4: ALMGEN3, *.*
;
;Stations
;
[172.16.160.4]MCSNT55,, 4
[172.16.160.35]VALIDAT1,, 4
[172.16.160.36]VALIDAT2,, 4
[172.16.160.55]VALIDAT3,, 4
[172.16.160.56]VALIDAT4,, 4
[172.16.160.60]VALIDAT5,, 4
;
Using Domain Filters

Domain filters are used to assist routing of information between domains.
The filters are only used with proxy access to data. If a request is made for a
specific tagname, the workstation first checks to see if that tagname is
registered with its own maxRRS. If it is registered, then the requests for data
are sent directly to the device that contains the tagname.
Filter strings, which you enter in the Filter field appearing on the Domain
Configurator Domains tab, may consists of tag names, HIDs, or a
combination of both. See figure.
If the tagname is not registered, a search is made of the domain filters to see
if there is a match.
For example if the tagname is AB4PUMP6 and a filter for domain 4 is

??4* then there is a match for domain 4. A search is then made for a
workstation that has direct access to domain 4 and is running a proxy. If all
criteria are met, then the request for data is sent to that proxy station.

If no match is found in the filters or no proxy station can be found, then a

check is made of the attribute _rrs.setdefaultdomain to see if a default
domain has been set. If this attribute = 0 then no default is defined and an
error will be returned to the application. If the attribute is set to a value from
1-31 then that defines the destination domain for the request. A check is
then made for a proxy with access to that domain. If an appropriate proxy
server is found the request is sent to that proxy workstation.
The attribute for the default domain (_rrs.setdefaultdomain) can be set and
changed at any time. For example, a display can contain a maxSCRIPT that
changes the default to temporarily default to a specific domain.
Note: if there is more than one domain filter for a given domain then a
tagname match on any filter constitutes a match for that domain.
What to Do after Editing Domain Configurator

After you have made all of your Domain Configurator edits:
1. Transfer the new version of wks.ini to each of your maxSTATIONs.
2. Execute maxTRANSPORT at each of the maxSTATIONs, including the

one where you ran the Domain Configurator.
Transferring the wks.ini File to all maxSTATIONs

Using Windows Explorer, copy the wks.ini file from the maxSTATION with
the master file to each of the other maxSTATIONs. All maxSTATIONs
require this file to be up-to-date It is suggested that you perform this step
while logged on as Administrator, because of the second step.
Running the maxTRANSPORT Utility

While logged on as Administrator, execute maxTRANSPORT at each of the
maxSTATIONs, including the one where you ran the Domain Configurator,
to make the changes go into effect.
You MUST do this while logged on as Administrator so that Transport will

update the maxNET IP addresses of each maxSTATION. The secondary
addresses will be changed from 172.16.xxx.yyy and 172.17.xxx.yyy to the
new addresses based on domain assignment. Also, the primary address will
be changed, if necessary, to the form 172.16.160.yyy and 172.17.160.yyy as
well as the addresses needed to access the DPUs in the domain(s).
Reboot the maxSTATION to make the changes to the IP addresses take

effect.

Setting up Domains
maxPROXY Point Alias Feature

There are some occasions where you need to access a few points across
domains, or need to use an alternate name to locate an object within the
maxDNA system. The Proxy Server has the ability to create an alias for any
point to which it has access.
Assigning an alias for a point

Insure that proxy is running in one or more stations that have access to all
domains involved
Edit c:\custom\database\alias.ini to include proxy points and copy to all

stations to alias the point. Note you typically want more than one station for
redundancy.
The format of alias.ini is:
<domain to register>,<alias name>,<actual name>
where:
<domain to register> - is one of the domains to which the workstation

running the proxy has direct access. The client station using the proxy
name needs the appropriate access to this domain (read or read/write) in
order to access the data.
<alias name> - any valid service name or hid. Typically different from the
original by prefix. For example 1PID101 may become 15PID101 where 15
is a common domain, and 1 is the domain where the point originates
<actual name> - is the service name of the point to be indirectly accessed.

May be a HID or service name.
Examples:
15,15pid101,1pid101
15,/unit15/fuel/air/point1,1pid101
Security
The proxy point is accessible by any station with read/write or read access to
the domain in which the alias is registered. The security token must be valid
as in remote or proxied access. That is either the level 9 password, or the
currently logged in password needs to be the same between the client station
and the station with the proxy for a write to be allowed.
Restrictions
There are no alarms for the alias point displayed on the station with alias
access.

Troubleshooting Domain Problems

Use the Transport Daemon (maxTRANSPORT) and the Registration and
Routing Service (maxRRS) Point List Facility to troubleshoot domain
problems. Both facilities are part of the Software Backplane suite of
software.
Before using these two facilities to investigate problems, make sure the
wks.ini file is distributed throughout your system. A missing file is the
number one reason for lack of communications.
If the file c:\custom\database\wks.ini is on a station, that station will

communicate only with other stations listed in that file. Additionally, the file
c:\custom\database\dpulist.ini must be correct to communicate with DPUs.
Make sure all your maxSTATIONs have the same wks.ini.
Designate a station as the master for wks.ini and DPUlist.ini. This should be
the station normally used to configure the system, as maxTOOLS4E
automatically updates DPUlist.ini. Propagate this file to all other stations
whenever a Workstation or DPU is added or removed.
Using Transport Daemon to Check Communications
Figure 2-3. a partial view of the Transport Daemon dialog.
Use the Transport Daemon dialog to find useful information for debugging
communications problems. The dialog should contain two happy faces for
Network A and Network B for each DPU or maxSTATION with which you
intend to communicate.

Setting up Domains
Figure 2-3 shows that Network B is not installed; the ? indicates that the
station has never communicated over this network. You can see both the
device name, and the IP address that is being used to communicate.
Much of the additional information is specialized debug information only of

use to a MAMC diagnostician.
Checking on Points Using Point List Facility

The Registration and Routing (RRS) program, the core of the software
backplane, is responsible for connecting clients with providers of
information. Providers register information on the software backplane.
Clients read, write and subscribe to that information through the software
backplane.
Points, registered by stations on maxNET, may reside on a single device,

(such as _lss), or may be exported to become available to all devices. A good
way to determine if a point is recognized by your system is to use the
Registration and Routing Service (RRS) Point List Facility.
To open the RRS Dialog:
1. Click the RRS icon in the System Tray.
2. Click the Point List button at the top of the dialog to access the
GetSortList dialog. The dialog shows a list of points (normally one page
at a time) that this station recognizes.
List of Points
Type a partial
tag name here
to filter the
list
Figure 2-4. GetSortList Dialog

If the point you are expecting to see is not here, determine whether you are
communicating with the device that contains the point, and that the point is
actually installed there. If it is a workstation you can use its point list to
confirm its presence. If you see it on the machine where it resides, but not on
other machines, perhaps it was not exported.
Most points have multiple destinations. In the case of a primary and

secondary DPU, there is a destination for each. Note that there is also a
quality associated with each destination. In a backup pair, the quality of the
active will always be higher than that of the inactive. The RRS will always
choose the highest quality destination when it is not specified.
RRS Connections
Many destinations will be that of L2 Transports. You can track them back
by the main RRS dialog. You need to match up the connection listed in the
point list with the RRS connection in some cases to track down problems. In
the following example, (Figure 2-5), a point created in the station whose
address ends with 160.60 would, in the point list, have a connection number
of 21, and a quality of 80.
Connection
Number
Last two
digits of IP
address
Connection
on that box

Connection
Quality
Figure 2-5. RRS Connections

Chapter 3
Setting up maxSTATION Password

Security Using Security Edit
Overview
Security Edit, a utility accessible only to the Administrator login, allows
system administrators to change maxSTATION passwords at any level, and
to select the default security levels for the operator and engineer groups.
The passwords, and the default levels, are stored in the stations Registry. As
part of this utility, the administrator can export (via floppy or other means)
the passwords and default levels and propagate them from one
maxSTATION to another so that like stations can be set up in a similar way.
The default passwords in effect when the software is installed are maxn,
where n is a single digit between 1and 9.
Setting up Password Security

To invoke the Security Edit utility, click the Start button, point to Programs,
Administrative Tools, and click Security Edit. When you invoke the
utility, a popup appears (see figure 3-1). From the popup, an administrator
may:
Modify passwords
Modify the default security levels
Export the passwords and levels to propagate them to another
maxSTATION.
Indicate if passwords are required when the user attempts to go to a
lower numbered security level.

Figure 3-1. MCS Security Edit screen upon entry
Modifying Security Level Passwords

To modify the security level passwords, locate the nine level buttons on the
Security Administration Dialog, select a level and enter a new alphanumeric
password for that level (level 0 has no password). Note that the previous
password is not visible.
Modifying Default Security for Engineers and Operators

To modify the default security levels at login for the engineers and
operators groups, in the Modify the Logins area of the Security
Administration Dialog, select a group and then enter the new desired level.
Exporting and Importing Passwords and Default Logins

To export the passwords and default login levels:
Click the Export button in the Save to File area of the Security
Administration Dialog to open a dialog box to designate the path and
filename for the exported data. The default path, A:\Security.reg, writes the
data to a diskette to port to other maxSTATIONs.

Setting up maxSTATION Password Security Using Security Edit
You may choose another path, including the local hard drive, but to avoid
problems, use the same file extension. The passwords are encrypted in the
file, so if the file were to be edited, the passwords cannot be easily read.
To import the passwords and default login levels:
Use Windows Explorer to point to the file, and then double-click on the file.
Because the files extension is .reg, the file will be recognized by Windows
Registry Editor, which will process the file, and then post a dialog box
stating that the data were entered into the stations registry.
NOTE: all of the maxSTATIONs that will be sharing data MUST have the
same passwords for any given security level. If they do not, then a station
may not be able to see the points that were exported from another
maxSTATION.
Password Entry Checkbox

The Password Entry checkbox determines whether passwords are required
when a maxSTATION user changes Security Levels. By default, the
checkbox is checked when you first open the dialog.
When this option is checked, password entry will not be required when
changing to a security level that is lower than the current level. In this mode
security level changes will behave like the earlier MAX-supplied systems.
When the box is unchecked, a password will be required when selecting a
level less than the current, except for the situations shown in the following
table.
From To
Current Level Selected Level Password required
9 Any No
Any 0 No

Chapter 4
Configuring Security at the

Process Level
Overview
Security in a maxDNA system uses a multitiered approach consisting of:
Process Security
Domain Security; see "maxPROXY Inter Domain Security Issues."
Remote Access: see "Remote Server Security Issues."
Process Security addresses the issue of who can write to what. Essentially,
process level security controls a write action to a Software Backplane ID. It
is the DPU that ultimately determines whether to grant or deny a write
request. The decision is based on a security scheme that relates the security
level of the source station that made the request to the security attributes of
the target Id (service.attribute). A service is an Atomic Block or Custom
Block.
The Security Scheme is contained in special Atomic Blocks that are within a
DPU and is the same for all DPUs within a system. MAMC supplies a
default version of the scheme that was designed to fit most needs. MAMC
also supplies the tools to view, and if necessary, modify it to meet your
specific needs.
Configuring the Schemes Database

To set up a process security database:
1. Launch the program, Security Scheme Editor. To activate the program,

open Windows Explorer, locate the folder
C:\MCS\Setup\MCSSecuritySchemesEditor.exe, and double-click on
SecuritySchemesEditor.exe. This opens the Security Schemes Editor
dialog.
Note: if you are logged on as Administrator, you may also activate the
program using Windows menus. Click the Start button on the Windows

task bar, point to programs, Max Administrative Tools and click

SecuritySchemesEditor.
2. Review the default scheme and modify it if necessary. This may include
the following:
Editing security level names

Editing definable attribute security classes
Editing scheme names
Editing scheme definitions
3. Using maxTOOLS4E, build the configuration for each DPU, adjusting,

if necessary, the security attributes of the services and their attributes.
Download the configuration and security scheme to the DPU; now the DPU
will enforce the security scheme as part of its normal activity.
Building a Security Database

Use the MCSSecurity Schemes Editor to implement system wide security at
the process level. The schemes editor utility creates a Microsoft Access-style
database which establishes write access privileges for various defined
security levels. This utility permits administrative or supervisory personnel
to assign write-access privileges to specific parts of a point database to
specific security levels.
The security database is downloaded automatically to a DPU as part of a

maxTOOLS4E point configuration database installation. maxTOOLS4E also
permits you to install the security database separately. See Publication
277597, maxTOOLS4E Users Guide.
A system generally consists of multiple DPU4E pairs, each with their own
configuration and a copy of the Security Scheme Database that is the same
across all DPUs. Systems are shipped with the default Security Scheme. You
may view and modify the database using the security scheme utility,
however default database settings provide an out-of-the-box security
policy to cover the majority of users.
A process security database consists of the following highly interrelated

elements:
maxSTATION Security Levels (0-9)

Attribute Security Classes or ASCs (0-15)
Schemes (0-15)
The definition of the 16 Security Schemes (0 15)

Configuring Security at the Process Level
(Note: for each security level, ASC, or scheme, a Unique Name may be
assigned for readability and easy identification. Internally the values for each
of the elements are stored as a number within the range shown in
parenthesis).
Assigning Schemes and ASCs to Custom Blocks

Configuration engineers building a point database, particularly a database
with custom elements, should become familiar with the Scheme Database.
A scheme must be assigned to each service (Atomic Blocks and Custom

Blocks), and an ASC must be assigned to each attribute of a Custom Block.
Overriding ASC Defaults using maxTOOLS4E Referencing
Additionally, each attribute of an Atomic Block is assigned a default ASC,

which may be overridden on an instance-by-instance basis using referencing.
Use maxTOOLS4E to configure referencing and use the Point Browser to
edit references. See Reassigning Attribute Security Classes, later in this
chapter.
maxSTATION Security Levels

Users gaining access to the system are assigned to a maxSTATION security
group. maxSTATION security consists of 10 independent security levels
numbered 0 through 9. The numbered levels correspond with the following
default security level names:
0. Guest
1. LabData
2. Technician
3. Operator 1
4. Operator2
5. Supervisor
6. Tuner
7. Engineer1
8. Engineer2
9. ByPass
Note: Level 0 implies no write access. Level 9 is referred to as Bypass

mode. When the maxSTATION is at Security Level 9. the DPU will grant all
Writes.
Except for level 9, these levels, used in combination with Attribute Security
Classes and schemes, suggest what areas of a process database such users
should be granted access. The default names may be edited or customized to
meet specific organizational needs.

Upon startup, a maxSTATION assumes a particular level depending on who

is logged on (in the Windows sense) to the station. If the user login is a
member of the engineer group it assumes the default Engineering Level. If
the user login is a member of the operator group it assumes the default
Operator Level.
Level numbering (Levels 1 8) is not to imply a hierarchy as in DBM-based

maxDNA Systems. For instance, level 1 is not necessarily lower than level
2, etc. If you desire, you may use the Security Edit program to make the
current system behave similar to the legacy systems.
To change the maxSTATION security level:
1. From the Windows Task Bar, click Start and point to Programs, maxDNA,
Utilities, and click SetSecurity.exe to access the following pop-up:
Note: To change the maxSTATION security level during maxVUE Runtime

operation: Access the maxVUE Runtime main menu and click the Security
button to open the following Security Pop-up: This pop-up is functionally the
same as the pop-up shown above it.

2. Select a level and enter the password associated with that level.
The passwords for each level as well as the default Engineering and default
Operator levels are set via the MCS Security Edit utility. See Chapter 3.
Note: to run Security Edit, the currently logged on user must be a member of
the Windows Administrator group.
Using Default Login

Use the Default Login button to change the maxSTATIONs Security level
to the default level that corresponds to the current Windows user.
If the user is a member of the maxSTATION Engineer or Operator group

then the default Engineer/Operator level will be selected. Otherwise the
default is set to 0. The default Engineer and Operator levels are set via the
Security Edit program. The initial values after installation are 3 for Engineer
and 1 for Operator. Depending on the current security level when the Default
Login button is clicked, a password may be required to actually change to
that level.
Changing security levels may not require a password, and depends on the
current and selected passwords, and the Password Entry mode selected via

the Security Edit program. The following table describes when a password is
required to change:
From To
Current Level Selected Level Password required
9 Any No
0 Any Yes
Any non-zero Default level for currently No
logged in user
Any non-zero A higher level Yes (unless selected level is the
default)
Any non-zero Any non-zero lower level Yes (unless the Password Entry
mode is set to allow lowering of
security levels without entering a
password).
Attribute Security Class (ASC)

In any process control system, many points may be written to, altering the
process in some way. Operators, for example, may issue write commands to
make mode changes, while engineers may issue writes that tune the system.
In a typical process environment, users issuing writes tend to fall into a small
number of groups. To further enhance process security, it is possible to
group writeable points by a user/application class.
By assigning all writeable points to specific classes, it becomes easier to

associate users with a class or classes. Such users should be permitted to
perform the write based on their role. For instance only Engineers should be
able to do writes that tune the system, whereas Mode changes should, in
general, be performed by an operator. These groups are the basis of Attribute
Security Classes (ASC), a set of sub-attributes.
Each service (Atomic, Standard, and Custom Blocks), is comprised of

attributes. Each attribute, in turn, has a set of sub-attributes. One of these
sub-attributes is Attribute Security Class. Attributes from different atoms
may be members of the same ASC.
The following are the MAMC-supplied Attribute Security Classes. Each

attribute of a MAMC-supplied Atomic Function is assigned one of these
ASCs.
ModeChange
Targets/Commands
Ack Alarm
AlarmLimit
Tune/Adjust
Configuration

The eight MAMC-supplied ASCs cannot be changed. However, you may use
the Security Scheme Editor Utility to create up to eight additional ASCs that
can be applied to attributes of Custom Blocks and overrides of Atomic
Function attributes. Any new ASCs that you create become part of a
security database and are available from a maxTOOLS4E list box containing
known ASCs.
Use maxTOOLS4E to override the ASC associated with the attribute for a
specific Atomic Block using references. See "Reassigning Attribute
Security Classes." Use maxTOOLS4E to assign an ASC to the attributes of
a Custom Block. See Assigning Attribute Security Classes in Custom
Blocks.
Viewing Security Assignments Using Point Browser

The Attribute Security Class values assigned to attributes of an Atomic or
Standard Function Block can be viewed in the Point Browser.
To view ASCs:
1. Open the Point Browser and in the tree view expand the Online
Configuration folder and select the Atom Types by Station /Atl DLL
node.
2. Click on a station (the Atomic or Standard Function Blocks should be

the same for all DPUs).
3. Click on the desired Function Block.
The Attribute Security Class is the right-most column. The ASCs are shown
with the numeric values and the corresponding text as of the last
configuration download via maxTOOLS4E.
Assigning Attribute Security Classes (ASCs) to Custom Blocks

maxTOOLS4E assigns the default ASC of 5(Configuration) to the attributes
of Custom Function Blocks.
To change the default setting:
1. Open maxTOOLS4E and select a Custom Block from the Tree View
pane on the left to open its tabular detail.
2. Click on the Attribute Security Class field and click the down arrow to
open a drop-down box listing available ASCs.
3. Select a different ASC. The following figure shows a drop-down list

box, again with the numeric and corresponding text.

Reassigning Attribute Security Classes (ASCs):

The ASCs assigned to each Atomic and Standard Function Block attribute
can be viewed via the Point Browser. See "Viewing Security Assignments
using Point Browser." If for a particular instance the ASC value is not
adequate it can be changed using an extended syntax of the Reference field.
The current syntax for exposing an attribute using the reference field is
shown below.
>exposedName.newCategory
This is extended as follows:
>exposedName.newCategory.newASC
Where newASC is the number of the desired ASC (0 15). The number
should correspond to one that has been assigned a name in the Security
Schemes Editor.
Other valid syntaxes are:
>..newASC ( only assign a new ASC)
>exposedName..newASC ( expose and assign a new ASC)
>.newCategory.newASC ( assign a new category and new ASC)
To only assign a new ASC:
<newASC
Using Schemes
Schemes define, for each of the ASCs, the Security Levels that are write
enabled. Use maxTOOLS4E to assign a scheme to each Function Block. A
security database may consist of up to 16 individual schemes. Systems are
supplied with five default schemes that should cover most needs. Use the

Security Scheme Editor to change these or develop new ones. There is no

fixed set as with the ASCs. The Scheme concept allows you the flexibility to
develop a relatively few write-sensitivity models to apply to Atomic Blocks
or Custom Blocks.
Default and any custom schemes may be viewed and configured in

maxTOOLS4E when you configure the SvcSecScheme attribute. See the
next section.
Assigning Schemes
Every Function Block has the attribute SvcSecScheme, which contains the
security scheme value. When an instance of a Function Block is created the
SvcSecScheme is assigned a value of 0. See the following figure. Note
although numeric values are stored internally, their corresponding scheme
names, assigned via the Security Schemes Editor, are displayed in the
dropdown list box. Use maxTOOLS4E to change values and assign new
values.
To configure schemes:
1. Invoke maxTOOLS4E and open the tabular detail for a specific Atomic
Block.
2. Edit the attribute SvcSecScheme.
Select from one of the following default schemes:
Normal(0)
NonCritical(1)
Calibration(2)
LockedMode(3)
Secure points(4)
Bypass(5)
Note: when you click in a field containing this attribute, you may click a
down arrow to select from a list of available schemes.

Using Security Scheme Editor Utility

Before using maxTOOLS4E to configure and download a security database,
use the Security Scheme Editor to define the security database. Use the
Security Scheme Editor Utility to:
Review and, if necessary, modify default security settings

Edit security level names
Edit definable attribute security classes
Edit scheme names
Edit scheme definitions
When you invoke the Security Scheme Editor Utility, the following dialog
appears:
Figure 4-1. Schemes View
When you first open the utility, the editor dialog opens in Scheme view. To
open the dialog in Attribute Security Class view or Level view, click the
appropriate buttons under Select View, appearing in the lower right corner of
the dialog. See Figure 4-1.
The Scheme Editor utility operates in two modes. If the currently logged-on
user is a member of the Windows Administrators group then the Editor
executes in read/write mode. Read/write mode allows the database to be

modified. Otherwise the editor executes in Read mode, allowing only view
access.
Note: While in Read mode the editor does allow modification of the screen
data; however the means of saving the edits to the database are disabled.
Figure 4-2. Attribute Security Classes View

Figure 4-3. Workstation Level View
Each view uses a similar format, but the information is organized differently.
Each of the three views features tabs across the top of the dialog, which may
be scrolled horizontally using the left/right arrow buttons.
When you select a view, tab entries appear for that specific view. For
instance, when the dialog opens in Scheme view, tabs representing each
available scheme appear. When you select Attribute Security Class view,
tabs for each available ASC appear.
The central portion of the dialog presents a table. It is useful to

conceptualize the Security Scheme Database as a three dimensional cube
with the axis being Schemes, ASCs and Security Levels. The editor,
accordingly provides three different two-dimensional views of the cube:
Scheme View : ASC vs Security Level (for a given Scheme)

ASC View : Scheme vs Security Level (for a given ASC)
Level View: Scheme vs ASC (for a given Security Level)
On any given view the fields that are editable have a white background,
while non-editable fields have a gray background.

In Levels view and Schemes View, rows for Attribute Security Classes
appears on the left. In Attribute Security Classes view, a Schemes row
appears on the left.
Likewise, in ASC and Schemes views, columns for workstation security

levels appear. In workstation Levels view, columns for security schemes
appear.
Editing Security Definitions

To understand how security settings can restrict access to certain data,
consider the following scenario.
The Security Scheme Editor Utility dialog is opened to Schemes view. This
view displays the settings for one scheme at a time. A scheme is selected
from the tabs at the top of the screen. From that view, the ASCs are listed
vertically and the Security Levels are listed horizontally, in a grid-type form.
The corresponding number of each name field is shown along side of it.
For a particular ASC a Security Level is enabled to write to an Attribute in

that ASC when its box is checked. Left clicking on the box toggles its state.
For example, on the scheme named Normal suppose Level 3 is the only
level enabled for ASC ModeChange. Also suppose that the Atom XYZ
was assigned to Scheme Normal via its SvcSecScheme attribute. Then at a
workstation with a Security Level 3, an operator can write to any attribute of
atom XYZ that has an ASC of ModeChange. If the workstation is changed
to any other Security Level, Write access to these same attributes would fail.
To edit current security settings:
1. Open the Security Scheme Editor Utility dialog and select a view:
q Attribute Security Class

q Scheme
q Level
2. Select a tab at the top of the dialog and click on checkboxes in the two-
dimensional table to toggle the state of a specific setting.
3. In read/write mode, click the Save button to permanently save database edits.
4. Click the Exit button to close the dialog. If any edits have not been saved,
you are prompted to save or discard them.
5. Use maxTOOLS4E to download the edited scheme database to the DPU4E.

Editing Unique Names and Defining New ASCs and Schemes

Use the Security Scheme Editor Utility to edit existing names or add new
names as you define additional ASCs or Schemes, or define your own
workstation level profiles.
The Name elements can be edited only from their respective views. For
instance, Scheme names can be changed only from the Scheme view; it is
grayed-out on other views. Note: the first eight ASC names are reserved for
MAMC use and cannot be changed.
In the various views, a text field associated with a number may contain a
corresponding Unique Name. For example, under schemes the numbers 00
correspond to the scheme called Normal. Under workstation security levels,
the numbers 03 correspond to Operator1. Additionally, in cases where a
user-defined class or scheme has not been defined, the name field appears
blank.
Viewing Security Settings Online in maxVUE Runtime

After the Scheme database is downloaded, use maxVUE to view the contents
of the Security Atomic Block objects within a DPU4E. The following MCS
supplied display allows the user to select a DPU4E.
C:\MCS\Displays\MN\SecuritySchemeView\SecuritySchemeView.mn
The display reads the Security Atoms from the selected DPU and presents
the data in exactly the same format as the MCSSecuritySchemesEditor. The
only difference is that all fields are grayed out indicating that no changes can
be made.
Note: Although the display is supplied with the maxVUE Runtime software,
you must set up the screen navigation to access this from their system
displays.
Intra-domain Security Issues

In order for a maxSTATION to be able to write values to another
maxSTATION in the same domain the passwords for the nine security levels
must be the same in both stations.

maxPROXY: Inter-domain Security Issues

Inter-domain sbp writes are controlled by three factors. First, the Proxy.ini
file in the maxSTATION running maxPROXY lists sbpIds that will be
accepted and passed on the destination unconditionally, without regard for
the security level of the source station. The default Proxy.ini includes entries
for Alarm Paging that should never be removed. Up to eight additional
entries can be added.
For sbpIds that are not listed in Proxy.ini, the second factor applies which is
that the passwords for the nine security levels must be the same in both
stations. If so, the sbp write will be accepted and passed on the destination.
Otherwise, it will be rejected and sent back to the source station with an sbp
error status of SBP_E_AUTHENTICATION_REJECTED (0x86).
After maxPROXY passes the sbp write onto the destination station, the third
factor applies which is the standard process security assigned to the target
sbpId (i.e. tag.attribute). The security level of the source maxSTATION, the
scheme of the service and the ASC of the attribute will determine if it is
accepted or rejected by the destination DPU4E.
Remote Server Security Issues

SbpWrites from maxSTATIONs that access the maxNET via a Remote
Server are controlled by three factors.
The first factor is the c:\custom\sbp\Remote.ini file in the maxSTATION

running RemoteServe. The [NORMAL_WRITE_IDENTIFIERS] section
lists sbpIds that will be accepted and passed on the destination
unconditionally, without regard for the security level of the source station.
The default Remote.ini includes entries for Alarm Paging, which should
never be removed.
The [WRITE_AUTHORIZATIONS] section contains the stations that are

permitted to perform SbpWrite actions beyond those listed in the
[NORMAL_WRITE_IDENTIFIERS] section.
Additionally, on each stations entry is a levels= field. It lists the security

levels that RemoteServ will allow the remote station to obtain. For instance
if a stations entry contained levels=1,3,5,7 then it would only be permitted to
acquire security levels 1,3,5 and 7 by RemoteServe whenever a user
attempted to change security levels via the maxVUE security popup. The
RemoteServe will modify SbpWrite messages to contain the remote stations
current security level before passing the message on to its destination.
The second factor that applies is that the passwords for the levels in the
levels=field must be the same in the remote maxSTATION and the
maxSTATION running RemoteServ. If so, then a change to this security

level will be accepted. Otherwise, it will be rejected and sent back to the
source station with an sbp error status of
SBP_E_INCORRECT_PASSWORD.
After RemoteServe modifies the sbp write message to contain the remote
stations current security level, it passes the sbp write onto the destination
station. The third factor would then be applied which is the standard process
security assigned to the target sbpId (i.e. tag.attribute). The security level of
the source maxSTATION, the scheme of the tab, and the ASC of the
attribute will determine if it is accepted or rejected by the destination
DPU4E.
Process Security Logic

The following diagram illustrates how a DPU logically processes a security
request. The Process Security logic in the DPU4E ties together the
information contained in the sbp write message and the Security Atoms as
follows:
SbpWrite Request Contains

ID: <service>.<attribute>
Security level of source
station.
DPU4E Write Request Processing for

Service.attribute:
svcScheme = <service>.SvcSecLevel (assigned via maxTOOLS4E)
attrASC = AttrSecClass of <attribute> ( hardcoded in Atomic and Standard Function
blocks, but may be overridden using reference field via maxTOOLS4E).
If Security Level of Source Station is write enabled for this attrASC in svcScheme
then allow the write (Status = SBP_OK)
else reject write (status = SBP_E_OPERATION_DISALLOWED)
Security Atoms within DPU4E

(Contains Security Schemes
database from most recent
configuration download)

Chapter 5
Checking Configuration Limits

Using the I/O Configurator
Overview
The maxPAC Input/Output System links the maxDNA Distributed Control
System to real world process control inputs and outputs. The number and
mix of I/O modules that may be configured depend on your specific
application requirements, DPU loading, and physical limitations associated
with a maxDNA system. To make it easier and quicker to estimate the
number of I/O modules required, taking into consideration system limits, use
the I/O Configurator estimation tool.
This tool takes the guesswork out of configuration estimating, since it checks
for known system limitations, and even warns you when you enter a
configuration mix that approaches or exceeds these limits.
Once you use the tool to specify an I/O configuration that stays within
system limits, it may be saved and exported to a text file, reloaded for
additional editing, or imported to maxTOOLS4E.
The tool takes the following factors into account:
Addressing limitations
Maximum number of I/O modules by type
Addresses per module
Electrical bus limitations
Burst limits
Service time base
Bus Extender Module (BEM) limitations
Software version
Understanding I/O Module Addressing Limitations

A maxDNA system accommodates up to 255 unique addresses for DPU. The
following table lists the number of addresses each module requires:
I/O Module Type Maximum Addresses per Module

SOE DIs: 1 address per card
Slow DIs: 1 address per card
Dos: 1 address per card

AIs: 2 addresses per card

AOs: 8 addresses per card
RTDs: 2 addresses per card
TCs: 2 addresses per card
QPATs: 4 addresses per card
Output Drivers: 2 addresses per card
Pulse I/Os: 2 addresses per card
Addressing limitations effect how many of a specific module type may be

configured per DPU. Refer to the following table:
I/O Module Type Maximum by Type

SOE DIs: 0 - 32 Cards.
Slow DIs: 0 - 254 Cards.
DOs: 0 - 254 Cards.
AIs: 0 - 72 Cards.
AOs: 0 - 31 Cards.
RTDs: 0 - 72 Cards.
TCs: 0 - 72 Cards.
QPATs: 0 - 63 Cards.
Output Drivers: 0 - 72 Cards.
Pulse I/Os: 0 - 72 Cards.
Creating a Configuration with BEMs

A single DPU supports up to 60 modules per electrical bus. To extend the
effective range between a DPU and connected I/O modules, up to eight
BEMs may be used. I/O modules connected to a remote BEM may be
located up to 2000 meters from the DPU. When BEMs are used, a DPU
could support up to 60 modules per location (locally, remotely, or both), and
up to 255 addresses total for the DPU.
While a DPU supports up to 60 I/O per location, as noted, a link delay exists
that is proportional to distance. The Extender circuits themselves introduce
very little delay.
The distance factor primarily impacts Digital Input modules set for SOE
operation. This is caused by the need to scan all SOE cards every 1 ms.
For example, at 2,500 feet, a DPU 4E can have 14 DI modules set for SOE.
No other restrictions limiting the number of cards exist. For instance, the
number of thermocouple or analog cards does not decrease because of
distance.

Checking Configuration Limits Using the I/O Configurator
Factoring in Service Time Base

In addition to addressing considerations, service time base settings can limit
the type and number of modules configured. Buffer-type Atomic Function
Blocks provide the interface between the software and hardware components
of the system. Like all Atomic Function Blocks, buffers include a
scheduling capability that controls their execution rate (ServiceTimeBase
attribute) and their order of execution (ServicePriority and ScheduleType
The ServiceTimeBase attribute lets you configure a three-tier execution rate

for each group and each atomic block within a group, consisting of Normal,
High, and Critical. The default schedule rates are 500ms, 100ms, and 40ms,
respectively.
Service time base especially impacts modules classified as burst cards:
AIs TCs
RTDs Pulse I/Os
The sum of the "burst cards" for each Service Time Base cannot exceed the
table size for that Service Time Base.
Burst Table Limits
Normal Time Base: 32 maximum burst cards.

High Time Base: 32 maximum burst cards.
Critical Time Base: 8 maximum burst cards.
For a more complete discussion of execution rate, see Publication 277589,

Function Blocks Programmer's Reference Guide, Chapter 1, "Setting Atomic
block and Group Execution Rates and Priorities."
Specifying Software Versions

The I/O Configurator supports two software versions, Version 2.X and 3.X.
Specify the software version installed on your system to get an accurate
representation of I/O modules and features associated with each version. For
instance, slow DIs are available with Ver. 3.X, but not with Ver. 2.X.
Creating an I/O Configuration Using the Configurator

To create an I/O configuration using the I/O Configurator: from the
Windows 2000 desktop, locate and double-click on the I/O Configurator icon
to access the following dialog:
(Alternatively, from the Windows task bar, click Start, point to Programs,
DPU4E Utilities and click I/O Bus Configuration Limits).

The dialog consists of areas for specifying options and for entering I/O
modules types organized by service time base, normal, high, and critical.
The balance of the dialog consists of percentage bars that indicate how much
of the system resources are used by the configuration.
As you create a configuration, refer to the percentage bars to monitor cycle

time and addressing resources, dequeue rates, burst table and queue space,
and bus limits and adjust your configuration accordingly.
Interpreting Percentage Bars

The percentage bars consist of color-coded bar graphs that change as you
enter quantities of I/O modules. A numerical percentage also appears within
each percentage bar indicating a precise measure of what resources have
been consumed.
The percentage bars are colored green to indicate that the configuration is
within system limits. If any percentage bar exceeds 90 percent, the bar graph
turns yellow. If any percentage bar exceeds 100 percent, the bar graph turns
red.
The two Resources bars represent IOP cycle time and address capacity. The
IOP processor in the DPU processes I/O every millisecond. The millisecond

percentage bar represents the percent of the 1msec cycle consumed by the
current configuration load.
The address percentage bar indicates the percent of addresses consumed by

the current configuration load. As noted, up to 255 addresses are permitted
per DPU.
The dequeue rate percentages bars measure how fast queue items, processed
by the IOP, are moving through five separate queues. The rate that queue
items enter a queue cannot exceed the rate that queue items leave the queue.
Should this occur, an overflow condition exists.
Dequeue rates are directly related to service time base selections (Normal,
High, and Critical). If any queue shows an overflow condition, make
adjustments to time base assignments.
The burst table space and queue space percentage bars represent the size of
the queue space consumed. The burst table space represents the address
space consumed by I/O modules defined as burst cards. Under Normal and
Critical, up to 32 addresses are permitted, respectively. Burst cards should
not be assigned to the critical time base category.
The Errors status area, in the upper right corner of the dialog, summarizes
the status of resources that the I/O Configurator monitors, consisting of:
Resources (DPU cycle time and address limits)

Dequeue rates
Space (burst table and queue space)
Bus limits (no more than 60 I/O modules per electrical bus; this is
related to the Total field appearing at the bottom of the I/O configuration
columns.)
When a resource in any of these four categories exceeds its limit, the field
next to the category name turns from green to red and the word bad appears.
Creating an I/O Configuration

To create an I/O configuration:
1. In the Options area of the dialog, select a software version that matches
the version installed on your system. Click the drop-down arrow to
select 2.X or 3.X.
2. In the field labeled #BEMs, enter the number of Bus Extender Modules
(BEMs) you plan to use. Enter a number from 0 to 8.
3. Note: when you specify a BEM range, the tool adds a BEM tab to the
dialog for each BEM.

4. In the timer fields, enter a range in milliseconds for the service time
base. Use the following ranges or accept the default entries:
Normal Timer range: 100 - 500 milliseconds in multiples of 20.

High Timer range: 40 - 500 milliseconds in multiples of 20.
Critical Timer range: 20 - 100 milliseconds in multiples of 20.
5. In the Card Select column, click the drop-down arrow next to each
available window field to select an I/O module.
6. For each selected module type, enter how many of that module type will
be needed by scheduling priority as Normal, High, or Critical. As you
enter numbers under each column, a subtotal appears at the bottom of the
columns. Additionally, a grand total appears beneath the subtotals.
Note: you may specify up to 60 modules per DPU. If you also specified
BEM requirements, each BEM is deducted from the total, since a BEM
counts as a module.
Specifying an I/O Configuration with BEMs

If you are creating an I/O configuration that includes BEMs, use the Local
tab to specify I/O module types in combination with each BEM tab to
specify quantities.
To assign I/O modules to a specific BEM:
In the Options area, specify the number of BEMs you will require. When
you specify a BEM quantity, the I/O Configurator creates BEM tabs for the
quantity specified.
Use the Local tab to specify I/O module types. In the Card Select column,
click the drop-down arrow next to each available window field to select an
I/O module.
Click a desired BEM tab and specify the distance between the remote BEM
rack and the DPU.
On the BEM tab specify a module quantity by type and service time base
(normal, high, critical).
Saving and Reloading a Saved Configuration

The I/O Configurator allows you to save an I/O configuration to a text file,
which you may use to reload a configuration into the application for later
editing.

To save a configuration:
Create a configuration using the I/O Configurator and click the Save button
at the bottom of the dialog.
A dialog prompts you to save any current edits to the configuration. Click
Yes or No. If you click No, current I/O Configurator edits will be lost.
A new dialog appears allowing you to save the configuration with an .ibc
(I/O bus configuration) extension or a .dat extension. Assign a name to the
configuration file, select a directory location, (or accept the default location),
and click Save.
A dialog asks if you would like the ability to import the saved file to
maxTOOLS4E. Click Yes or No.
To reload the configuration, click the Load button to access a directory and
double-click on the desired file name. The file will open in the I/O
Configurator.
Creating an I/O Configurator Report

You may create a preformatted report, listing all configured I/O modules
organized by service time base, and any selected configuration options.

System ResourcesMAXDNA b1

Transféré par

Informations du document

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

System ResourcesMAXDNA b1

Transféré par

Droits d'auteur :

Formats disponibles

System Resources

Copyright 2001, 2002 by Metso Automation MAX Controls Inc.

Metso Automation MAX Controls Inc. 277609

PREFACE ........................................................................................................................... III

CHAPTER 1 ...................................................................................................................... 1-1

Setting up Application Environments at the maxSTATION.................................................................................. 1-1

CHAPTER 2 ...................................................................................................................... 2-1

Setting up Domains ..................................................................................................................................................... 2-1

Metso Automation MAX Controls Inc. 277609

Setting up maxSTATION Password Security Using Security Edit......................................................................... 3-1

Configuring Security at the Process Level................................................................................................................ 4-1

Checking Configuration Limits Using the I/O Configurator .................................................................................. 5-1

Metso Automation MAX Controls Inc. 277609

Saving and Reloading a Saved Configuration........................................................................................................5-6

This publication, consisting of five chapters, was prepared to help you

Chapter 1 discusses the maxDNA software application platform and

Chapter 2 discusses network domains. A maxDNA system may use domains

Chapter 3 discusses maxSTATION password security. Use the Security Edit

Chapter 4 explains how to set up security at the process level. Process

Metso Automation MAX Controls Inc. 277609

Setting up Application Environments

maxSTATIONs are normally delivered with preloaded software. The

This chapter explains

q How maxDNA software is organized as viewed in Windows Explorer

q How software should be prepared (initialization files and maxDNA

q How to configure specific applications to start up automatically when a

q How to give maxSTATIONs individual application assignments

maxSTATION Hardware Overview

maxSTATIONs providing the human interface with the system.

Metso Automation MAX Controls Inc. 277609

The Operators Workstation uses maxVUE graphical interface software to

The Engineers Workstation is used for creating and maintaining

In addition to these functions, maxSTATIONs may be dedicated to a primary

In network domains, maxSTATIONs may also be configured as proxy

1-2 Metso Automation MAX Controls Inc. 277609

To better manage maxSTATION processing loads and to reduce network

q Alarms q Communications (maxLINKS)

See Setting up maxSTATIONs with Individual Assignments, later in this

Network and Communications Architecture

Most maxDNA applications, such as maxVUE and maxTOOLS4E, are

The SBP software suite includes the following core applications:

maxRRS - Registration and Routing (RRS), which connects clients with

maxLSS - Local Status Server (LSS), which provides maxSTATION

Metso Automation MAX Controls Inc. 277609 1-3

maxSTATIONs and DPU4E communicate with one another via maxNET.

Setting up maxDNA Software

Set up associated ini (initialization) files

Some maxDNA software, such as the Software Backplane suite, must be

Software Backplane Suite (see Network and Communications

maxRRS Registration and Routing (RRS)

maxTOOLS4E Configuration tools for DPU4E

Alarm annunciation Add audible signals to maxSTATION to indicate

1-4 Metso Automation MAX Controls Inc. 277609

MaxMergeAlm.exe Produce a merged alarm list derived from multiple

Events utility Collect, store, and log alarms and events

MCS Security Edit set up password security

Domain Configurator create domains

maxVUE Editor graphical user interface software which includes the

Metso Automation MAX Controls Inc. 277609 1-5

maxSTORIAN Historian and reporting package

Reports Package Create and generate history reports

maxLINKS Package containing a set of interfaces to other

Desktop Shortcuts and Program Menus