In FA (Factory Automation), an industrial network system controls production facilities. In the industrial network system, a plurality of slave devices which perform control of various production facilities and data collection and a master device (PLC: Programmable Logic Controller) that centrally controls the slave devices are connected to each other through a control-system network (field network). The PLC installed in a production line or a production site is connected to a host computer through an information-system network, and a system manager or an engineer can perform state monitoring or maintenance of each industrial network system with the computer.
In a specification of a general PLC, pieces of information used in a ladder program and the like are stored as setting variables in a memory, and the setting variables are rewritten from an external computer, which allows change or correction (debugging) of operation of the PLC. A data type of the setting variable is roughly classified into a fixed-length data type such as an int type (integer type) and a real type and a variable-length data type such as a string type (character string type). In the conventional PLC, an upper limit size of the variable-length data such as the string type is restricted to a relatively small value (for example, 256 bytes).
One of the reasons the upper limit size is restricted is a constraint of a maximum frame length (a frame size transmittable in one-time data transmission) in the industrial network. There are various standards in the industrial network. For example, the maximum frame length is as quite small as about 500 bytes in DeviceNet or CompoNet that is a typical control-system network. In the restriction, it is necessary to read or rewrite the setting variable from the external computer. Therefore, as described above, it is necessary to restrict the upper limit size to about 256 bytes.
Conventionally, the restriction hardly becomes troublesome because the variable exceeding 256 bytes is not originally intended to be dealt with by the PLC. Nowadays, with the progress of a function of the PLC, there is emerging a need to provide the setting variable of several kilobytes to several megabytes in the PLC to perform higher-level processing or flexible processing. Although extension is relatively easily performed on the PLC side, actually the maximum frame length that is of the network standard is hardly extended. Accordingly, a mechanism to transmit and receive large-size data is required in a framework of the existing industrial network.
In the framework (IP fragmentation) of general TCP/IP communication, in the case that a size of an IP packet exceeds an MTU (Maximum Transmission Unit), the IP packet is transmitted while divided into a plurality of packets, the individually-received packets are combined to restore the original packet on the reception side based on header information (for example, see Japanese Unexamined Patent Publication No. 2001-313675). However, the fragmentation framework is not prepared for a protocol (for example, CIP (Common Industrial Protocol)) generally used in the industrial network.
When the variable having the size larger than the maximum frame length is rewritten from the external computer, it is necessary to adopt a method of transmitting the data while dividing the data into a plurality of frames. In this case, the variable in a memory is safely overwritten through a procedure in which the variable is overwritten after the original data is restored on the PLC side by combining the pieces of data received multiple times. However, the procedure is hardly employed on the protocol for the industrial network. The protocol for the industrial network is designed with more emphasis on a real-time property and transmission efficiency, but the protocol for the industrial network does not include the framework like session management in terms of TCP/IP. Therefore, whether all the pieces of divided data are unmistakably received on the PLC side cannot be determined or guaranteed.
For this reason, the inventor tries a procedure, in which the divided data is transmitted to the PLC with an offset (an address from a head of the variable) and the data is sequentially written in a variable area of the memory on the PLC side every time the data is received. FIG. 5 illustrates an example of the procedure. FIG. 5A illustrates the data written in the PLC, and FIG. 5B illustrates the frame transmitted from the computer and s memory state of the PLC in time series. The procedure to set a character string “ABCDEFG” to a variable “abc” is illustrated in FIG. 5. It is assumed that the data size transmittable in one frame is 5 bytes. It is assumed that 10 bytes are assigned as the data area for the variable “abc” to the memory of the PLC, and it is assumed that the a character string “123456” is stored in an initial state.
As illustrated in FIG. 5A, the write data is the string type data, and the write data is constructed with 8 bytes of character codes “41, 42, 43, 44, 45, 46, and 47” of each of “A, B, C, D, E, F, and G” and a null code “00” of a terminal character. The write data is transmitted in twice because only 5 bytes can be transmitted in one frame. In the first frame, 5-byte data (codes of five characters “ABCDE”) from the head is transmitted together with an offset “0”. When receiving the frame, the PLC writes the character codes of “ABCDE” in the address of the offset “0” of the variable “abc”. In the second frame the remaining 3-byte data (the character codes of “FG” and the code of the terminal character) is transmitted together with the offset “5”. When receiving the frame, the PLC writes the character codes of “FG” and the code of the terminal character in the address of the offset “5” of the variable “abc”. Therefore, the rewrite of the setting variable in the memory of the PLC is completed.
Advantageously the procedure in FIG. 5 is simple, and the procedure is easily employed on the industrial network. However, in the procedure in FIG. 5, there is a risk of generating the following problem. As can be seen from FIG. 5B, the data area of the variable “abc” of the PLC becomes a state “ABCDE6” in a transition period until the data of the second frame is written since the data of the first frame is written. Although the character string “ABCDE6” is improper data, the character string “ABCDE6” is pursuant to a string type data structure. Therefore, whether the data is improper cannot be determined on the PLC side. In the case that processing in which control program operating on the PLC refers to the variable “abc” is generated during the transition period, a malfunction (unintended operation) of the PLC is possibly generated. In the production site, frequently it is necessary to change or correct the setting variable on line without stopping the operation of the PLC. Accordingly, it is necessary to minimize a risk that the PLC generates the malfunction using the partially-written data. In this case, the string type data is described by way of example. However, the similar problem is possibly generated in the case that variable-length data terminated by a predetermined terminal code is written in the PLC.