Gei 100621 PDF

GEI-100621R
WorkstationST OPC DA Server

Instruction Guide
These instructions do not purport to cover all details or variations in equipment, nor to provide for every possible
contingency to be met during installation, operation, and maintenance. The information is supplied for informational
purposes only, and GE makes no warranty as to the accuracy of the information included herein. Changes, modifications,
and/or improvements to equipment and specifications are made periodically and these changes may or may not be reflected
herein. It is understood that GE may make changes, modifications, or improvements to the equipment referenced herein or to
the document itself at any time. This document is intended for trained personnel familiar with the GE products referenced
herein.
Public Information – This document contains non-sensitive information approved for public disclosure.
GE may have patents or pending patent applications covering subject matter in this document. The furnishing of this
document does not provide any license whatsoever to any of these patents.
GE provides the following document and the information included therein as is and without warranty of any kind,
expressed or implied, including but not limited to any implied statutory warranty of merchantability or fitness for
particular purpose.
For further assistance or technical information, contact the nearest GE Sales or Service Office, or an authorized GE Sales
Representative.
Revised: June 2020

Issued: Feb 2006
© 2006 – 2020 General Electric Company.

___________________________________
* Indicates a trademark of General Electric Company and/or its subsidiaries.
All other trademarks are the property of their respective owners.
We would appreciate your feedback about our documentation.

Please send comments or suggestions to controls.doc@ge.com
Public Information
Document Updates
Revision Location Description
Updated to state CSV to Live Data configuration moved to the
Variables Tab
R Live Data.csv File Interface
Updated the figure displaying the CSV To Live Data item in Variables
tab Tree View
Updated the installation folder location containing the LiveVarsToCsv.
exe and updates to include the OPC UA server
Q Live Data.csv File Interface
Updated the figure displaying the CSV To Live Data item in Variables
tab Tree View
New Chapter describing the Enable Client Security By User property,
P OPC DA Client Privileges
used to enable or restrict OPC DA or OPC UA user client privileges
Added a new .csv file format column, updated the existing screenshot,
N Live Data.csv File Interface
and added a paragraph providing the variable name formats
Acronyms and Abbreviations

EGD Ethernet Global Data, a control network and communication protocol
CMP Command Message Protocol
Comm CoE Communication Center of Excellence

DA Data Access
DCOM Distributed Component Object Model
HMI Human-Machine Interface

HTTP HyperText Transfer Protocol
ICN Integrated Control Network
OOS Out-of-service
OPC A standard for data exchange in the industrial environment
PDH Plant Data Highway
SDB System Database
SDI System Data Interface
UDH Unit Data Highway
2 GEI-100621R GEI-100621 WorkstationST OPC DA Server

Public Information
Contents
1 Introduction.................................................................................................................................................4
2 Features ......................................................................................................................................................4
3 Variable Names ............................................................................................................................................5
3.1 Toolbox Variables through SDB.................................................................................................................5
3.2 ToolboxST Variables ...............................................................................................................................5
3.3 Data Update Rates ..................................................................................................................................6
3.4 Service Monitoring .................................................................................................................................7
3.5 OPC DA Server Variable Configuration ......................................................................................................8
4 ToolboxST Application ..................................................................................................................................9
5 Runtime Monitor Config Utility ......................................................................................................................9
6 OPC DA Client Privileges ............................................................................................................................ 13
7 Ethernet Global Data (EGD) ......................................................................................................................... 14
7.1 EGD Live Data..................................................................................................................................... 14
7.2 Produced Exchange Health ..................................................................................................................... 14
7.3 EGD Command Message Protocol ........................................................................................................... 15
7.4 Dynamic EGD Updates.......................................................................................................................... 15
7.5 Redundant EGD Produced Pages ............................................................................................................. 16
7.6 Produced Page Health ............................................................................................................................ 17
8 OPC Client Data Plug-in .............................................................................................................................. 21
9 SDI Data Plug-in ........................................................................................................................................ 21
10 TCI Plug-in.............................................................................................................................................. 21
11 Live Data.csv File Interface......................................................................................................................... 22
12 Network Status Monitor ............................................................................................................................. 24
13 Workstation Consumption by Proxy.............................................................................................................. 25
13.1 Initial Variable List Add ....................................................................................................................... 26
13.2 Switch from Primary to Secondary ......................................................................................................... 27
14 Alarm Attribute Plug-in.............................................................................................................................. 28
15 Variable Mapping...................................................................................................................................... 29
16 Configure DCOM ..................................................................................................................................... 29
16.1 DCOM Default Properties..................................................................................................................... 30
16.2 Default Access Permissions................................................................................................................... 32
16.3 Windows Workgroups Example ............................................................................................................. 35
16.4 Change OPC Server DCOM Settings ...................................................................................................... 44
16.5 DCOM Security .................................................................................................................................. 45
17 EGD ICN Service with WorkstationST.......................................................................................................... 47
17.1 Configure Network Connection with Multiple IP Addresses ........................................................................ 48
17.2 Configure IP Addresses ........................................................................................................................ 51
18 Glossary of Terms ..................................................................................................................................... 53
Instruction Guide GEI-100621R 3

Public Information
1 Introduction
OPC® is an industry standard for communication between vendors in an industrial environment. The non-profit OPC
Foundation provides the specification for the standard, as well as programming proxy stubs for OPC. OPC Data Access (DA)
is the standard for real time data. There are also standards for historical data, alarms, and events. The OPC server supports
OPC DA.
2 Features
The OPC server is OPC DA 2.05 and 3, as well as Ethernet Global Data (EGD) 3.04 compliant. The OPC DA 2.05 and 3.0
compliance is verified using the OPC Foundation Compliance Test Tool. It is a Class 4 EGD server, which means that it can
respond to EGD configuration HyperText Transfer Protocol (HTTP) requests, using all Communication Center of Excellence
(CoE) .xml configuration formats (Class 3) and is able to adapt to EGD configuration changes to consumed EGD nodes
(Class 4). It also:
• Supports Command Message Protocol (CMP) sending and receiving.

• Produces EGD exchanges.
• Consumes EGD exchanges from other EGD components.
• Supports data plug-in features, including OPC DA client data plug-ins.
This allows configuration of an internal OPC client to obtain variables at specified rates from another OPC DA server(s), and
to make those variables available in the OPC DA server. The variables from this connection can be configured for an
EGD-produced exchange.
Note Changes to configuration using the ToolboxST* application do not require a service restart, but are made through a
WorkstationST* device download and requires the ToolboxST application to produce .xml files.
• Provides System Data Interface (SDI) for public, non-EGD variables.

• Permits browsing for non-EGD variables. This protocol works for Mark* VI, UC2000, and Mark VIe controllers.
• Provides configuration through system database (SDB).
A Runtime Monitor Config utility allows you to configure the OPC DA server, and to select EGD components from an SDB.
The selected components are consumed by the OPC DA server.
Note The OPC DA server listens to EGD messages on the EGD port, which conflicts with older versions (prior to release
V02.03.03C) of the EGD Integrated Control Network (ICN) service. Refer to the section EGD ICN Service with
WorkstationST.

Public Information
3 Variable Names
OPC clients connected to OPC DA servers can add groups, which are collections of variables with an associated update rate.
A client can browse for the variable name using OPC DA 2.05 or 3.0. Once the client knows the variable name, the OPC
client adds the variable to a group. Variable names are defined by the EGD component and contained in that EGD
component’s produced data configuration file. The produced configuration file is an xml file published to the EGD
Configuration Server by the tool used to configure the EGD component. Tools that do not interact directly with the EGD
Configuration Server, but can interact with an SDB, can have their produced data configuration published to the EGD
Configuration Server by the Runtime Monitor Config utility included with the OPC DA server. Refer to the section Runtime
Monitor Config Utility.
3.1 Toolbox Variables through SDB

The variable names are determined by the user and the tool that produces the EGD configuration files. For the Control System
Solutions (CSS toolbox) in a Mark VI or UC2000, typical variable names are Region1\Region2\Region3\variableName where
Region2 and Region3 are optional. The SDB client used by the Runtime Monitor utility (and also used by ToolboxST
applications for systems containing SDB-enabled external components) uses the SDB name but replace the backslash with a
dot. For example, G1\Variable would become G1.Variable when translated from an SDB.
3.2 ToolboxST Variables

Variable names in the ToolboxST application typically display in one of three ways:
• DeviceName.variable
• DeviceName.program.variable
• DeviceName.program.block.variable
Note With the release of the ToolboxST application version 4.0, a variable can be configured with an alias property (alias
name). This adds alias names to the OPC DA server browsable namespace.
The variable name in the OPC DA server is the same as the name used by the ToolboxST application.
Note When displaying public variables in a Mark VIe device, the device name at the start of the variable does not display.
However, the device name displays when the variable is viewed from another component.

Public Information
3.3 Data Update Rates
When a client connects to the OPC DA server using an OPC DA 2.0 connection, the variable values in a group are updated
once when the group goes active, and again when a variable changes. The update on change only contains the variables that
changed since the last update. In addition, OPC DA 2.0 allows for a group deadband. When any variable changes by more
than that deadband, the variable is updated to the client. OPC DA 3.0 also allows a client to establish a deadband per variable.
The client requests an update rate when adding a group. The OPC DA server replies with the selected rate, which is the
closest multiple of the Maximum Client Rate configured in the WorkstationST OPC DA server tab, or in the Runtime Monitor
Config Options menu. For example, if the Maximum Client Rate is set to 100 ms and the client requests a rate of 80 ms, the
client is given a rate of 100. If the client requests 160 ms, the client is given a rate of 200 ms. The actual update rate of the
variables in a group depends on the rate that the variable is being updated to the OPC DA server. EGD variables are updated
at the EGD exchange rate. For SDI variables, the SDI live list is requested to the controller at the group rate.
In server performance testing:
• 5000 Boolean variables changed at 640 ms, and updated on one EGD exchange at 1000 ms
• 10000 floating point variables changed at 32 ms, and updated on 40 EGD exchanges at 1000 ms
• 100 floating point variables changed at 32 ms, and updated on one EGD exchange at 100 ms
The server maximum client connection rate was set to 10 ms and one client with one group was connected with a rate of 100
ms. With the client connected, the OPC DA server used between 20 and 30 percent of a Pentium® 4 2.6 GHz CPU. Without
the client connected, the CPU utilization was around 10 percent.
3.3.1 EGD-consumed Variables

The time stamp is the time from the component. The EGD protocol provides a time stamp in each produced exchange, which
is applied to all EGD-consumed variables.
3.3.2 SDI and OPC Client Variables

Variables that are read from SDI to a Mark VI, UC2000, or Mark VIe controller are marked with the time contained in the
header of the SDI live value update message.
Variables that are read from a remote OPC DA server using the OPC client live data plug-in are given the time stamp from the
remote OPC DA server.

Public Information
3.4 Service Monitoring
The WorkstationST component of the ToolboxST application provides configuration, monitoring, and control of the OPC DA
server. In addition, the OPC DA server Runtime Monitor application can be used to monitor and control the OPC DA server.
The Runtime Monitor application can be used to configure the OPC DA server in applications without the ToolboxST
application.
➢ To open the GE OPC DA Server Monitor screen: from the Start menu, select Programs, GE ControlST, OPC
DA Server, and GE OPC DA Server Monitor.

Public Information
3.5 OPC DA Server Variable Configuration
The following diagram shows the variable configuration.

Public Information
4 ToolboxST Application
ToolboxST V02.0 or higher is used to configure the OPC DA server, which is a feature of the WorkstationST component.
OPC DA server-owned variables are defined here, and optionally placed onto EGD. An OPC client feature allows for multiple
OPC DA server connections to obtain variables from an alternate OPC DA server.
The ToolboxST application allows you to select consumed components for a WorkstationST computer. The EGD for these
components is then consumed by the OPC DA server. The components can be external or ones configured by the ToolboxST
application. Data can be obtained from a SDB for an external component.
5 Runtime Monitor Config Utility

The Runtime Monitor Config utility allows you to
• Configure the server

• Start and stop the server
• Monitor server status
The utility allows you to select a SDB, as well as a next-generation SDB. EGD components in the SDB can be selected. You
can also add a network component to your SDB to represent the OPC DA server’s produced EGD exchanges. Once the
consumed EGD components from SDB are selected, a configuration build gets all variable data for each selected component
from the SDB, and places it into the EGD Configuration Server. The data from the EGD Configuration Server is then placed
in the configuration files needed by the OPC DA server.
The utility also provides an executable, OpcServerCfg.exe, which allows for a command line configuration update. The
OpcServerCfg has the following command line arguments:
Argument Definition
/help Display this help
/build Bind the EGD configuration from SDB and EGD Configuration Server, build
configuration files needed by OPC DA Server Service and request service to read
configuration (if no errors on bind)
/useWithErrors Request service to read configuration even if there are errors on bind

Public Information
➢ To modify the configuration: From the Tools menu on the GE OPC DA Server Monitor screen, select Modify
Configuration. If the SDB is enabled under Settings in the Options menu, the following window displays.

Public Information
If the SDB is disabled under Settings in the Options menu, the following screen displays:
Select components to be built into the configuration. All audible EGD variables are placed in the OPC DA server. Variables
are audible if the EGD exchange on which they reside is being sent to a destination (broadcast, directed, or multicast) that the
server can hear.
Note The address and subnet mask settings should match a network adapter used by the OPC DA server computer.
The Producer Device Name displays in the lower-left corner of the window. If the producer information cannot be obtained
from the EGD Configuration Server, click the Edit PC Network Settings icon to change the settings for this computer. For
example, if you wanted to consume an EGD component that was broadcasting a page to 172.20.255.255 on the network Unit
Data Highway (UDH), you could add a network in the Edit PC Network Settings dialog box, then enter the address, subnet
mask, and network name to hear this broadcast (for example, 172.20.100.10 mask, 255.255.0.0 network name UDH).

Public Information
The Build Configuration icon allows you to refresh selected SDB components, then put them into the EGD Configuration
Server. All selected EGD Configuration Server components are then built into a consumed data file and placed into the OPC
DA server’s configuration directory. If one of the selected components matches this producer component name, that
component becomes the produced data for the server. The OPC DA server must be restarted to read this changed
configuration.
Note If the EGD Generic Device editor is installed, the Launch Generic EGD Editor button displays.
➢ To view .xml files

1. In the OPC Server Devices list box, right-click a device.
2. Click the desired option.
➢ To remove a component from the EGD Configuration Server

1. In the Devices In EGD Config Server list box, right-click a device.
2. Click the desired option.

Public Information
6 OPC DA Client Privileges
Beginning with ControlST V07.07, the Enable Client Security By User property on the ToolboxST WorkstationST
Component Editor OPC DA server feature tab is used to enable or restrict OPC DA or OPC UA user client privileges. When
this property is set to True (enabled) and depending on Users and Roles configuration settings, the server allows OPC DA
clients access to browse for, read, and write variables. The following flow diagram illustrates these access privileges. Users
and Roles are configured using the Users and Roles tree view item in the System Information Editor.
OPC DA Client Privilege Flow Diagram

Public Information
7 Ethernet Global Data (EGD)
The OPC DA server has its own EGD server running, which handles the following:
• Consumption of EGD exchanges

• Production of configured EGD exchanges
• CMP Write commands to other EGD components
• Processing of CMP messages from other EGD components
• Responding to EGD Class 3 HTTP requests for configuration information
• Auto adapting to configuration changes in consumed Class 3 or higher devices
7.1 EGD Live Data

EGD exchanges from other components, such as Mark VIe, Mark VI, or UC2000 are received by the OPC DA server’s EGD
server, then made available for use by OPC clients. The exchanges must be on the same subnet if broadcast or multicast, or
directed to the computer running the OPC DA server.
EGD exchanges configured with variables owned by the OPC DA server are produced. The variables become writable OPC
DA server variables.
7.2 Produced Exchange Health

A health timeout multiplier is applied to all OPC DA server-produced EGD exchanges. This multiplier, if greater than 0,
determines the timeout when at least one variable on an exchange must be written to by an external OPC client. The timeout
is calculated as the exchange period times this multiplier. Exchanges driven by the OPC client data plug-in are marked
healthy.

Public Information
7.3 EGD Command Message Protocol
CMP messages are typically used by an Human-machine Interface (HMI) to write setpoint values, as well as to set and clear
Booleans to a controller. The OPC’s EGD server issues a CMP message to a consumed EGD variable when an OPC client
writes to the variable. Any other EGD node can also send a CMP write to the OPC server’s produced exchange variables. In
this case, the Write command sets the OPC DA server variable. If the variable is owned by the OPC client data plug-in, the
Write command is sent to the connected OPC DA server. If the variable has been subscribed to by an exterior OPC client, the
client receives an update of the variable’s value through the OPC On Data Change.
7.4 Dynamic EGD Updates

Consumed EGD components occasionally undergo configuration changes, which result in a signature change on the
exchange. Some components are capable of dynamic configuration changes. The OPC DA server attempts to keep its current
configuration.
If a configuration signature mismatch occurs, the OPC DA server requests a new configuration for the component with the
mismatch.
Note For Class 3 devices, data retrieval is attempted from the device. If that fails, a retrieval is attempted from the EGD
Configuration Server.
Changes to a component’s configuration that do not effect the EGD exchange are still sometimes required by the OPC DA
server or some other feature of the WorkstationST application. For example, a configuration may be downloaded to a Mark
VIe component with new alarm information or data logging information. Mark VIe components have the application minor
revision on the status page for the R, S, and T controllers. Mark VIe components also have the Dynamic Data Recorder
(DDR) revision on the default EGD page for R, S, and T controllers. The OPC DA server monitors the EGD variable values
for MinorRevisionX (X = R, S, or T) and DDRRevisionX. When the OPC DA server’s revision (kept in the EGD symbol table
for each component) does not match at least one of the R, S, or T revisions, the OPC DA server requests a configuration
update for the EGD symbol table for that component.

Public Information
7.5 Redundant EGD Produced Pages
WorkstationST EGD Produced Pages can be configured with primary or secondary redundancy. A primary redundancy sends
the Produced Page if the page’s data source is healthy. (Refer to the section Produced Page Health). A secondary Produced
Page is sent by another WorkstationST computer if the primary Produced Page is not heard for three periods. Typically a
consumer of an EGD Produced Page declares the page unhealthy if the page is not received after five periods. If the
secondary redundancy again detects the production of the primary page, data production is stopped. Like the primary, the
secondary producer sends the page if the page’s data source is healthy.
Note The period, which is user-configured as an exchange on a page, is the rate at which the exchange is sent.
➢ To show redundancy: From the WorkstationST Component Editor EGD tab, select the Produced Page to
check.
From the Property Editor , the

Redundancy level displays and can
be changed from the drop-down list.

Public Information
7.6 Produced Page Health
Each Produced Page contains WorkstationST variables. A data source for the variable values can be an OPC DA client
connected to the WorkstationST OPC DA server, an OPC DA server connected to the WorkstationST OPC DA client, or a .
csv file watched by the WorkstationST .csv file watcher.
Health Timeout Multiplier can be configured for each Produced Page. If the health timeout multiplier is greater than 0, and
at least one page variable is written by a data source within the timeout multiplied by the page period, the page is sent by the
primary producer (or the secondary if the primary is not producing). A flag allows the first variable in the page (the one at
offset 0.0) to be the only variable monitored to determine the data source health.

Public Information
OPC DA Client Page Health indicates the health of the Produced Page, which is sent if the OPC DA client is connected to
its configured OPC DA server and the server’s status is healthy.

Public Information
Primary produced page configuration is a page configured as primary in the WorkstationST component EGD page.
Secondary produced page configuration is a page configured as secondary in the WorkstationST component. The
secondary must be configured with the same page name as the primary page.
The data source variables (typically OPC DA server client-driven variables) must be present in the secondary WorkstationST
component, but it is not necessary to configure the EGD Produced Page layout in the secondary. At runtime, the secondary
adapts to certain primary configuration changes such as data type and offset changes to primary variables. When variables are
added or deleted from the primary, they must also be added to the secondary and downloaded, to allow the data source to
drive them.

Public Information
The following example displays variables defined in the OPC DA server tab to be written by an external OPC DA client.
With the release of ControlST software suite V04.05, the Client Driven Variables item was moved to the new Variables tab
and renamed WorkstationST Variables as displayed in the following figure.
The WorkstationST OPC DA server provides EGD and other data to OPC DA clients. If redundant data must be sent to
multiple OPC DA clients, multiple WorkstationST computers can be configured and each OPC DA client can connect to a
different WorkstationST OPC DA server. The OPC DA client must determine page health and select the best source.

Public Information
8 OPC Client Data Plug-in
For system configurations requiring data from a third-party OPC DA server, the OPC client data plug-in can be configured to
connect to, and obtain data from, the third-party OPC DA server. OPC clients connect to servers using Groups, which are lists
of variables updated at a configured rate. The ToolboxST application allows a WorkstationST component to be configured for
OPC client connections to external OPC DA servers. Groups can be added and variables added per group. Variables are
selected by browsing the OPC DA server.
9 SDI Data Plug-in

An SDI data plug-in is provided for variables that are not needed for control, but might be needed for diagnostics or tuneup.
All named variables are added to the EGD Configuration Server’s EGD symbol table. These variables are then added to the
OPC DA server for OPC client browsing. When a client adds a variable that is not on EGD, but is available through SDI, an
SDI connection is made to the controller and live data is updated until the OPC client disconnects or removes the OPC group
or variable. An SDI server provides access to any OPC DA server-owned variable through the SDI protocol.
10 TCI Plug-in
If the Mark V feature in a WorkstationST component is enabled, then it starts the GeCssTci System Service to communicate
with Mark V controllers. The OPC DA server uses the TCI data plug-in to communicate with the GeCssTci System Service to
retrieve the list of variables in the Mark V controllers and to exchange real time data and commands. There are no additional
configuration steps required for this plug-in. The Mark V feature creates the required symbol table automatically from the
Mark V configuration files. This plug-in also makes Mark V communication status available in the Additional Information
section of the OPC DA server in the WorkstationST Status Monitor.

Public Information
11 Live Data.csv File Interface
The WorkstationST application allows you to read and save variable live data in a .csv file. The Variables tab Tree View
contains a CSV To Live Data item that is used to configure the OPC DA server or OPC UA server to read and monitor one or
more .csv files for live variable values. The .csv files contain variable names and values. The variables must be existing
WorkstationST owned variables or any writable consumed variable.
When the OPC DA or OPC UA server is enabled, and whenever the specified .csv file is changed, the live values are read and
set to the variables specified in the .csv file. The variables can be any writable variables to which the WorkstationST has
access. For example, a client-driven variable can be defined and put onto an EGD Produced Page. This variable’s value is
then updated from the .csv file values. Any errors display in the Component InfoView Status tab.
If CSV Uses New Format is True, the .csv file format is a variable name with a value on each line, for example:
Var1, 3.7
Var2, true
Var3, 4.5
If CSV Uses New Format is False, the .csv file format is one line of variable names and a second line of data values, for
example:
Var1,Var2,Var3
3.7,true,4.5
The utility LiveVarsToCsv.exe, which is located in the WorkstationST Features installation folder, is used to read a snapshot
of live values and write them to an output .csv file. The command line utility’s syntax is as follows:
LiveVarsToCsv [options] <varCfgFileName |
var1,var2,var3...> <outputFileName>

Public Information
Where options are:
/opcClient - use an OPC client to the WorkstationST live data core, otherwise an SDI connection is used by default.
/host="name" - an optional host name. If not specified, local host is used.
/Horiz - Without this option, the output format has one line of comma separated variables and a second line with comma
separated values. With this option the output format has one line per variable with name, value and optional extended data.
/Extended - Additional information is appended to the variable column or row.
/Header - Includes a column header line. This option is only used when the /Horiz option is used.
/SeparateDateTimeColumns - Creates two columns for the variable's time stamp rather than one combined date/time column.
This is only valid when used with the /Horiz option /AdditionalColumns=col,val which allows the inclusion of a column
header(s) col with value val. For example, if you use:
/AdditionalColumn=Area,Train1, another column with a header text of Area and column values of Train1, would be appended
to the output. Multiple columns/values can be specified (for example Area,Train1,Customer,GE). This is only valid when
used with the /Horiz option /ColumnOrder=list which allows the order of the columns to be specified. The list is a comma
separated list of column header names.
Valid header names are:
Name, Value, Type, Time Stamp,Units,Description, Second Language Description.
If the /SeparateDateTimeColumns options was specified, Date and Time are also valid column headers.
If the /AdditionalColumns option was used, the headers specified are also valid for the ColumnOrder list. This is only valid
when used with the /Horiz option.
If the argument following the options is a valid file path, the file is expected to contain a list of variables, one per line with
optional comma separated columns for scale, offset and a translated output name (see an example below). Otherwise, the
argument following the options can be a list of comma-separated variable names.
Example varCfgFile format:
# Comments are allowed anywhere in the file if preceded by a ‘#’
var,scale,offset,translatedName
G1.Celcius,1.8,32,G1.Farenheit
Example using advanced options:
LiveVarsToCsv /Horiz /Extended /Header /SeparateDateTimeColumns /AdditionalColumns="Plant Area,Train1"
/ColumnOrder="Area,Name,Value,Date,Time,Description,Units,Second Language Description" var1,var2,var3 outputfile.csv
This utility can be used with the WorkstationST Task Scheduler to provide periodic writing of .csv data.

Public Information
12 Network Status Monitor
The Network Status Monitor Client, when enabled in a WorkstationST configuration, provides live data values for the current
network status through the OPC DA server. The following is the variable name form;
<workstationDeviceName>.NetMonitor.<otherDevice>.<networkName>.varname
The Booleans available include the following:
• Error
• Warning
• Online
In addition to the network monitor variables, each WorkstationST computer and MarkVIe controller provides a default
_Status page on EGD. The WorkstationST computer monitors the variables on the _Status page and provides their live values
to OPC DA clients.
The ToolboxST application uses an SDI live connection to obtain live values from the WorkstationST OPC DA server. A new
live updated status message provides the ToolboxST application access to the above network status. Using this list between
the ToolboxST application and a local WorkstationST computer does not create any additional network traffic. The OPC DA
server obtains the status information through EGD updates of _Status pages and from the Network Status Monitor Client
feature.

Public Information
13 Workstation Consumption by Proxy
A workstation can be configured to consume a device through another workstation which consumes the device locally through
the TCI interface (Mark V), or through EGD. The following diagram shows the data flow for clients requesting variables
consumed by proxy.

Public Information
13.1 Initial Variable List Add

Public Information
13.2 Switch from Primary to Secondary

Public Information
14 Alarm Attribute Plug-in
OPC DA clients can now subscribe to additional alarm attributes of a variable. This feature is enabled on the WorkstationST
Component Editor OPC DA tab. When enabled, the following attributes are available:
Attribute Description
AlarmAckCmd If the variable is an alarm, write to this attribute to acknowledged the alarm.
AlarmAckNeeded True if the variable is an alarm and the alarm needs to be acknowledged.
AlarmActive True if the variable is an alarm and the alarm is active.
AlarmConfigured True to indicate the variable is configured for an alarm.
AlarmIsOutOfSvc True when an alarm is currently out-of-service
AlarmIsShelved True when an alarm is currently shelved.
AlarmLocked True if the variable is an alarm and the alarm is locked.
AlarmOutOfSvcEnabled True if out-of-service has been enabled for this system using the ToolboxST system overview.
AlarmPriority The priority for the alarm. Analog alarm priority can be changed based on the alarm level.
AlarmResetCmd If the variable is an alarm write to this attribute to reset the alarm.
AlarmResetNeeded True if the variable is an alarm and the alarm can be reset.
AlarmShelvingEnabled True if shelving is enabled for this alarm. Shelving is enabled for a ToolboxST system in the
properties in the system overview and additionally each variable’s alarm shelving can be
enabled.
AlarmState The alarm state text for an alarm variable.
AlarmSymbolKey A string representing the alarm symbol to be used for this alarm. BQ = Bad quality or alarm
client not connected to alarm server. OO = out-of-service. AS = Shelved alarm.
<alarmClass>AU = active unacknowledged for specified class. <alarmClass>AUB = active
unacknowledged for specified class (class configured to blink). <alarmClass>AA = active
acknowledged for specified class. <alarmClass>alarmClass>NA = returned to normal and
acknowledged for specified class. <alarmClass>NU = returned to normal and
unacknowledged for specified class.
AlarmText The alarm text for an alarm variable.
AlarmTimeStamp The device time stamp for an alarm variable.

Public Information
15 Variable Mapping
When configured on the WorkstationST Component Editor Variables tab, any variable in WorkstationST OPC DA or OPC
UA server’s namespace can be cyclically moved to any other variable. There is a configuration setting for the rate at which
the mapping occurs. The following rules apply:
• The destination variable must be writable. (Note, if the destination variable is a writable consumed EGD data point or a
point in an external OPC DA or OPC UA server, the consumed EGD device or external OPC UA/DA server may limit
the rate at which writes are allowed. If the rate is reached, you should see write errors in the OPC UA or OPC DA server
detail logs.)
• This feature is implemented in the OPC UA server if the UA server has been enabled. Otherwise it is implemented in the
OPC DA server.
• The data type must match between the source and the destination of each mapped variable.
16 Configure DCOM
The Distributed Component Object Model (DCOM) utility allows components to communicate across network boundaries
but is also involved with client to server interaction on the same computer. DCOM is configured for both the server and client
computers using dcomcnfg.exe.
Note The DCOM utility resides in the Windows System32 directory.
➢ To start the DCOM utility

1. From the Windows Start menu select All Programs, Accessories, and Run.
2. In the Run dialog box, type dcomcnfg.exe, and click OK. The Component Services window displays:

Public Information
16.1 DCOM Default Properties
Note This does not apply to computers using Windows workgroups. Refer to the section Windows Workgroups Example.
DCOM must be configured to allow the client user access to the server computer, and the server user access to the client
computer. The server user is the system account on the server computer. Adding DOMAIN\ComputerName into the access
permissions allows access by the server to the client.
➢ To configure default properties: from the Component Services screen, right-click My Computer and select
Properties.

Public Information
From the My Computer
Properties dialog box
Default Properties tab, click
to select Enable Distributed
COM on this computer.
Click OK .
This configuration is the default. The Default Authentication Level on the client computer should either match, or be more
restrictive than the authentication level on the server. When a DCOM connection is attempted, the higher of the two levels is
used. If the server is configured for Connect level, and the client is configured for None, the client is rejected. This
authentication process occurs before any other DCOM security is checked.

Public Information
16.2 Default Access Permissions
The Default Access Permissions allow a remote client to communicate with the server. Communication between the client
and the server is required for connecting, adding OPC groups, and browsing variables. The client computer must allow access
by the server for live values to be updated.
Note Windows defaults the access permissions to allow access for both system and self. To allow any client to connect, you
must add Interactive with Allow Access permissions to the Default Access permissions.
The server is configured to run as a service and, by default, runs as a system. To receive live data updates, the client computer
must allow the system account from the server computer remote access.
➢ To edit the Default Access Permissions
From the My Computer Properties dialog box ,

click the COM Security tab.
In the Access Permissions

section, click Edit Default to
display the Access
Permission dialog box .

Public Information
Click Add to display the
Select Users, Computers,
Service Accounts, or
Groups dialog box .
Click Object Types to display the Object Types dialog box .
Note: If the computers are in a domain, you can add Object

Types of Computer. If the computers are in a workgroup, this
feature is not available.

Public Information
Click to select
Computers.
Click OK .
Enter the computer name and click Check Names to verify the computer exists in
the domain .
Enter your credentials if prompted.
Click OK .
In the above example, the computer named Corsair contains the OPC server. Corsair is added with access to this computer.
Add the same computer setting to the Limits for Access, Limits for Launch and Activation, and to Default for Launch and
Activation. Repeat this procedure for both Client and Server computers.
If the logon was changed to a different user, add the user computer rather than the server computer. Refer to the
WorkstationST OPC AE Server Instruction Guide (GEI-100624), the section Changing the OPC AE Server DCOM Settings.

Public Information
16.3 Windows Workgroups Example
This section describes the settings required to connect a DCOM client running as the System account to a DCOM server
running as the system account on a remote computer. Services run as the system account.
Note The System user is not the same as the Administrator user.
When a client running as System tries to connect to another computer in a workgroup, that client has no network credentials.
If the computers were in the same Windows domain, the client System user can be identified, but when using workgroups, the
remote server computer cannot identify the client user. Under these conditions, the client is seen by the server as Anonymous
Logon user.
Note Permissions must be applied to the server computer to allow the client to communicate to the server (connect, browse,
read, write). For the server to respond with data change notifications, the settings must be applied to the client computer.
Ensure that the Authenticate Users as Themselves local security policy has been set correctly.
Both the computers must be in the same workgroup and have an identical account and password on each. This common
account is the account under which the OPC DA client runs. This account should be included in the Default Access and
Default Launch and Activation Privileges with Remote Access enabled.
The default properties of the computer are left as the Windows default. For information on running dcomcnfg.exe and
changing computer properties. Refer to the WorkstationST OPC AE Server Instruction Guide (GEI-100624), the section
Configuring DCOM.

Public Information
16.3.1 Set Security Limits and Defaults
➢ To set security limits
2. In the Run dialog box enter dcomcnfg.exe and click OK. The Component Services window displays.
3. from the Component Services screen, right-click My Computer and select Properties.

Public Information
From the COM Security tab ,
in the Access Permissions
section, click Edit Limits to
display the Access
Permission dialog box .

Public Information
Verify the Allow check boxes
for both Local and Remote
Access are selected for
each user or group.
Note If ANONYMOUS LOGON is not on the list of Group or user names, refer to the section Add an Anonymous User to
add it.
Repeat these steps for Edit Default in Access Permissions, Edit Limits and Edit Default in Launch and Activation
Permissions, verifying that all Allow check boxes are selected for each user or group.

Public Information
16.3.2 Add Anonymous User
The OPCEnum service provided by the OPC Foundation does not include the ANONYMOUS LOGON, so it must be added
to the Launch and Access permissions in the OPCEnum Properties dialog box. This change does not require a restart. The
settings take effect the next time the OPCEnum service is started. For information on changing an individual DCOM server’s
settings, refer to the WorkstationST OPC AE Server Instruction Guide (GEI-100624), the section Changing the OPC Server
DCOM Settings.
➢ To add users and permissions

2. In the Run dialog box enter dcomcnfg.exe and click OK. The Component Services window displays.
3. From the Component Services window, expand the DCOM Config folder.
O pc E num d i sp l a ys a f t e r t h e W o rkst a t i o n ST
a p p l i ca t i o n i s i n st a l l e d .
R i g h t -cl i ck O pc E num a n d se l e ct P r ope r t i e s t o

d i sp l a y t h e O pc E num Pr ope r t i e s d i a l o g b o x.

Public Information
From the Security tab, the
default setting for Launch
and Activation
Permissions is
Customize .
Click Edit to display the

Launch and Activation
permission dialog box.

Public Information
Click Add to display the
Select Users,
Computers, Service
Accounts, or Groups
dialog box .
In the text box, enter anonymous logon and click OK .
The Launch and Activation Permission dialog box changes to display

ANONYMOUS LOGON in the Group or user names text box.

Public Information
Select ANONYMOUS LOGON .
Select the Allow checkboxes for

Local and Remote Launch
and Local and Remote
Activation .
Click OK .

Public Information
To set Access Permissions and
Configuration Permissions,
return to the OpcEnum
Properties dialog box Security
tab and repeat the previous three
steps for each section.

Public Information
16.4 Change OPC Server DCOM Settings
The default settings for the OPC DA server process are normally adequate. However, if you want the OPC DA server to run
as a user other than system, select the Control Panel, Administrative Tools, and Services tool to modify the Logon As (user).
This setting is made during installation and installing a new version runs the service as the default system account again.
Note If you change the Logon As setting, you must also change the DCOM identity setting to match.
➢ To change the GeCssOpcServer identity

1. From the Component Services screen Tree View, expand Console Root, Component Services, Computers,
and DCOM Config.
2. Right-click the GeCssOpcServer item and select Properties to display the GeCssOpcServer Properties dialog
box.
3. Click the Identity tab, verify that the option The system account (services only) is selected and click OK.

Public Information
16.5 DCOM Security
The information in the following sections is an excerpt from www.opcfoundation.org.
16.5.1 Abstract
OPC server vendors have two approaches to networking:
• The client can connect to a local server to use the existing proprietary network scheme. This approach will commonly be
used by vendors who are adding OPC capability to an existing distributed product.
• The client can connect to the desired server on a target machine, then use DCOM for networking. This approach may be
used in conjunction with the above approach.
Using DCOM for remote OPC client/server communications is necessary for cross-vendor interoperability. Consequently,
there are several issues that surface in the design, development, implementation, and deployment of distributed
(DCOM-enabled) OPC components.
DCOM can make distributed applications secure without any security-specific coding or design in either the client or the
component. Just as the DCOM programming model hides a component's location, it also hides the security requirements of a
component. The same (existing or off-the-shelf) binary code that works in a single-machine environment, where security may
be of no concern, can be used in a distributed environment in a secure fashion.
DCOM achieves this security transparency by letting developers and administrators configure the security settings for each
component. Just as the Windows NT File System lets administrators set access control lists (ACLs) for files and directories,
DCOM stores Access Control Lists for components. These lists simply indicate which users or groups of users have the right
to access a component of a certain class. These lists can easily be configured using the DCOM configuration tool
(DCOMCNFG) or programmatically using the Windows NT registry and Win32® security functions.
Whenever a client calls a method or creates an instance of a component, DCOM obtains the client's current username
associated with the current process (actually the current thread of execution). Windows NT guarantees that this user
credential is authentic. DCOM then passes the username to the machine or process where the component is running. DCOM
on the component's machine then validates the username again using whatever authentication mechanism is configured and
checks the access control list for the component (actually for the first component run in the process containing the
component).
If the client's username is not included in this list (either directly or indirectly as a member of a group of users), DCOM
rejects the call before the component is ever involved. This default security mechanism is completely transparent to both the
client and the component and is highly optimized. It is based on the Windows NT security framework, which is probably one of
the most heavily used (and optimized!) parts of the Windows NT operating system: on each and every access to a file or even
to a thread-synchronization primitive like an event or semaphore, Windows NT performs an identical access check. The fact
that Windows NT can still compete with and beat the performance of competing operating systems and network operating
systems shows how efficient this security mechanism is.
There are three main issues: authentication, launch (activation) permission, and access (call) permissions, which all operate
more or less independently of each other.
The first thing Windows NT does is to authenticate the user (as in the figure above). Whether or not this is done depends on
the authentication level defined in DCOMCNFG. This level is specified by both the client and server machines: the server
specifies the minimum required authentication level for incoming calls (any call that comes in below this is automatically
rejected via E_ACCESSDENIED), and the client specifies it’s required authentication level for each interface call. COM
automatically uses the higher of the two settings. More information on these settings can be found in the HELP file for
DCOMCNFG.
Once the user has been authenticated, two additional types of security are defined in DCOM: activation security
(permissions) and call security (permissions).
Activation security controls which classes a client is allowed to launch and retrieve objects from, and is automatically applied
by the Service Control Manager of a particular machine. Upon receipt of a request from a remote client to activate an object,
the Service Control Manager of the machine checks the request against activation setting information stored within it’s
registry.

Public Information
The HKEY_LOCAL_MACHINE\Software\Microsoft\OLE key’s DefaultLaunchPermission named value sets the machine-wide
default access control list (ACL) to specify who has access to classes on the system. For class-specific activation settings
(which take precedence over the default setting), the HKEY_CLASSES_ROOT\APPID\{…} key’s LaunchPermission named
value contains data describing the class’s ACL. These keys are set initially when NT is installed, and can be modified by
dcomcnfg.exe.
Call security provides the security mechanism on a per-call basis that validates inter-object communication after a
connection between a client and server has been established. Call security services are divided into three categories:
16.5.2 General Functions Called by Both Clients and Servers

• New interfaces on client proxies
• Server-side functions and call-context interfaces
The HKEY_LOCAL_MACHINE\Software\Microsoft\OLE key’s DefaultAccessPermission named value sets the machine-wide
default access control list (ACL) to specify who has access to classes on the system. For class-specific activation settings
(which take precedence over the default setting), the HKEY_CLASSES_ROOT\APPID\{…} key’s AccessPermission named
value contains data describing the class’ ACL. These keys are set initially when NT is installed and can be modified by
dcomcnfg.exe.
DCOM Overview

Public Information
17 EGD ICN Service with WorkstationST
The ICN service prior to V02.03.01 opened the EGD receiving port and the CMP receiving port by binding a socket to the
port for IPADDRESS.ANY without setting the reuse socket address flag. This meant that once the ICN service started, no
other process could bind a socket and receive EGD messages. Likewise, ICN service could not bind its sockets if another
process bound a socket to them first.
To allow multiple EGD processes to co-exist, version V02.03.01 and later of the ICN service bind the EGD sockets using an
unique address. The WorkstationST application, and the controller simulator products use this same technique for binding the
EGD sockets.
Note For new applications, when assigning IP addresses, the computer network connection's primary IP address should be
assigned to the WorkstationST computer. Other processes can use secondary addresses. It is important for the WorkstationST
computer to have the first address if it has been configured to produce EGD containing read/writable variables. If the
WorkstationST computer is not producing EGD, or is not producing any read/writable variables, this note does not apply.

Public Information
17.1 Configure Network Connection with Multiple IP Addresses
Windows allows multiple IP addresses to be assigned to a network adapter. Each EGD process must have its own unique
address or addresses. To configure a network connection with multiple addresses, use the advanced settings in the IP
configuration for a network.
Note In order for the EGD Command messages to be correctly routed, it is necessary for the primary (first) network
connection address to be the WorkstationST computer address.
➢ To configure a network connection with multiple addresses

Public Information
Public Information
Public Information
17.2 Configure IP Addresses
The addresses entered in the CSS toolbox Turbine HMI component for the PDH and UDH networks become bind addresses
in the icn.ini file used by the ICN service. ICN Service attempts to bind a socket to each address. Any addresses that fail
create an error entry in the Windows event log. If all addresses fail, the service stops.

Public Information
➢ To configure addresses for a WorkstationST component
1. From the ToolboxST System Editor, open a WorkstationST component.
2. From the General tab, add one or more Network Adapters.
When a download occurs, the EGD server portion of WorkstationST computer attempts to bind to the specified addresses.

Public Information
18 Glossary of Terms
Bind - To establish the correspondence between the data in an exchange and variables in a component.
Bind/Build - To bind the configuration for each consumed exchange and create/update the configuration for any produced
exchange.
Collection - More formally, an EGD Collection. Is a group of components that constitutes a formal subset of the components
participating in a particular EGD installation. This arbitrary grouping allows users to subdivide the system to make some tasks
easier.
Consume - To receive an EGD data message (exchange).
Consumer - An EGD node configured to receive an EGD data message.
EGD - A mechanism that provides access to global data between nodes supporting the EGD protocol.
Exchange - An EGD data message consisting of a header and a body of data. The header contains the producer ID and the
exchange ID that uniquely identifies the message. The body of data is a block of bytes in a format agreed upon by the
producer and all consumers.
Feature - An element of the WorkstationST runtime system, which can be optionally enabled through ToolboxST. Examples
include OPC Server, Recorder, and Alarm Viewer.
Global Data - A concept in which multiple controllers on a network can share information by exchanging portions of their
local memory with peer controllers.
OPC - A standard for data exchange in the industrial environment. The OPC foundation provides specifications for various
OPC standards such as OPC DA (Data Access) and OPC AE (Alarm and Event).
Produce - To send an EGD data message (exchange).
Producer - The EGD node configured to send data messages. The source of the data samples for an exchange.
Refresh - To bind the configuration for each consumed exchange for a particular consumed component.
Runtime - Software stored in the controller’s Flash memory that converts application code (pcode) to executable code.
Unbound Variables - Variables required by a consumer that were not found in the producer configuration during the bind.
Public Information

Gei 100621 PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Gei 100621 PDF

Uploaded by

Copyright:

Available Formats

GEI-100621R

WorkstationST OPC DA Server

Revised: June 2020

© 2006 – 2020 General Electric Company.

We would appreciate your feedback about our documentation.

Acronyms and Abbreviations

CMP Command Message Protocol

Comm CoE Communication Center of Excellence

HMI Human-Machine Interface

ICN Integrated Control Network

PDH Plant Data Highway

SDB System Database

SDI System Data Interface

UDH Unit Data Highway

2 GEI-100621R GEI-100621 WorkstationST OPC DA Server

Instruction Guide GEI-100621R 3

• Supports Command Message Protocol (CMP) sending and receiving.

• Provides System Data Interface (SDI) for public, non-EGD variables.

4 GEI-100621R GEI-100621 WorkstationST OPC DA Server

3.1 Toolbox Variables through SDB

3.2 ToolboxST Variables

Instruction Guide GEI-100621R 5

3.3.1 EGD-consumed Variables

3.3.2 SDI and OPC Client Variables

6 GEI-100621R GEI-100621 WorkstationST OPC DA Server

Instruction Guide GEI-100621R 7

8 GEI-100621R GEI-100621 WorkstationST OPC DA Server

5 Runtime Monitor Config Utility

• Configure the server

Instruction Guide GEI-100621R 9

10 GEI-100621R GEI-100621 WorkstationST OPC DA Server

Instruction Guide GEI-100621R 11

➢ To view .xml files

➢ To remove a component from the EGD Configuration Server

12 GEI-100621R GEI-100621 WorkstationST OPC DA Server

OPC DA Client Privilege Flow Diagram

Instruction Guide GEI-100621R 13

• Consumption of EGD exchanges

7.1 EGD Live Data

7.2 Produced Exchange Health

14 GEI-100621R GEI-100621 WorkstationST OPC DA Server

7.4 Dynamic EGD Updates

Instruction Guide GEI-100621R 15

From the Property Editor , the

16 GEI-100621R GEI-100621 WorkstationST OPC DA Server

Instruction Guide GEI-100621R 17

18 GEI-100621R GEI-100621 WorkstationST OPC DA Server

Instruction Guide GEI-100621R 19

20 GEI-100621R GEI-100621 WorkstationST OPC DA Server

9 SDI Data Plug-in

Instruction Guide GEI-100621R 21

22 GEI-100621R GEI-100621 WorkstationST OPC DA Server

Instruction Guide GEI-100621R 23

24 GEI-100621R GEI-100621 WorkstationST OPC DA Server

Instruction Guide GEI-100621R 25

26 GEI-100621R GEI-100621 WorkstationST OPC DA Server

Instruction Guide GEI-100621R 27

28 GEI-100621R GEI-100621 WorkstationST OPC DA Server

Note The DCOM utility resides in the Windows System32 directory.

➢ To start the DCOM utility

Instruction Guide GEI-100621R 29

30 GEI-100621R GEI-100621 WorkstationST OPC DA Server

Instruction Guide GEI-100621R 31