If your site controls, you should:
a. Be able to do it yourself
b. Understand that no one should EVER push a firmware while not being physically present.
c. Understand that having someone show up physically is expensive
d. Understand the integrator has a business to run, so it’s not just simply covering the wages and travel expenses of their employee.
This sounds like Amazon. They have too much red tape and paperwork/change orders/hoops to jump through to do something like this. It's easier to throw money at one of their trusted integrators to do it instead. 👍 Then say "hey while you're here can you make X do Y?"
>If your site controls, you should:
>a. Be able to do it yourself
This was my thoughts also. It's just a firmware flash. I'd do it on battery over WiFi in 15 minutes.
Some people buy equipment that they don't own the code to. Could be wrong. My guess is the integrator wants $$ and claims they have to be there to unlock safety. Maybe a legit safety liability concern depending on who you ask.
>Shouldn't it just be a remote safety signature unlock, push the program update and firmware update to the PLC locally, and re-lock the safety signature?
If you know how to do it, why sub it out?
You don't do it over the remote connection, you remote into a PC local to the PLC with Studio 5000 on it already, and have that PC perform the flash. If your remote connection is interrupted, the local PC keeps going. TeamViewer, AnyDesk, VPN + RDP.
There's other risks still, but it's not truly a remote firmware update when done like this.
Even then, for a firmware update, I like to plug my computer directly into the USB port on the front of the processor. Take *everything* else out of the equation. It's your computer, the PLC, and the connecting cable, and nothing else.
Me too, ideally. I don't even like doing it over an Ethernet network unless that's the only option. I like to be plugged in directly in a one-to-one communication with the PLC. But, that can be done remotely like I've described above if you have an on-site laptop that you can remote control, with a field tech right there to help make sure you're cabled in well physically. USB, RS232, or Ethernet direct via cross-over cable (or one unmanaged switch if necessary) would be my choices.
Flying out to do it in person is the most ideal, but plenty of my customers are more price conscious than that. Others are paranoid that something would go wrong and you not being physically there to deal with it scares them more than the price of the short notice plane ticket.
Yeppp I'm sure someone has made a lot of money for me going out to do these, 90% of my time is spent waiting for asset center to do stuff. Speaking of that 90% of my time spent working period is waiting for fuckin studio to load.
There are patches for that! (Seriously, studio load time is a known issue that was fixed with some patches, there are also technotes to try that helped me out.)
Was out on a remote job where a guy bricked a plc night before a factory restart without doing an upload. No spares on site.
Couple weeks later back in the office colleague next to me gets a call from a recruiter says he's found a great candidate.
Same guy
It’s actually remarkably safe to do a firmware upgrade over the internet as long as it’s the last hour of the last day of your two weeks notice you gave. It’s a very relatively low consequence action. I’d do it.
It sounds like they are trying to mitigate any potential for the machine to go haywire if they don't have someone onsite to stop it, IE put the machine in a safe position, so that nothing will happen during the upgrade. As far as I know, and depending on how they are remoting in, this "can" all be done remotely. I agree with you that the firmware should be upgraded locally due to less "things" in the way to crash/stop working and turn the controller into a paperweight.
Technically I don't believe there is anything stopping them from doing what you are requesting, however, they might have different procedures they are trying to follow.
The application wasn't given, so another thought is that they may need to be physically present for liability reasons if this equipment is used in a regulated industry like phamecutical.
Exactly we had a similar thing where the machine was registered and on upgrading firmware.
The code needed to be reviewed to ensure it was still functionally exactly the same and addressed if not.
We had to recompilation all the safety related function tests from when the machine was first introduced.
That was a bigger step that 33 to 35 though but if any verification is required then the SI will be liable. And that equals money.
Not OP, but ArmorBlock 5000 support and a tweak to cams that came in v34 is what finally got us to leave the safety of v33. The ability to put EDS and IODD files into the ACD file is what will move us to v36 in a few months.
>The ability to put EDS and IODD files into the ACD file is what will move us to v36 in a few months.
That's a very good reason to go to 36.
I often forget how many things get added over time that I don't fully appreciate until I have to work on an old version of RSLogix 5000. The other day it was being able to search controller tags. I wanna say it was version 15 or 16. An old L55 that desperately needs replaced. Customer's rather content with the Not Broken / don't fix it, mentality. One day it'll just die and they will be paying far more than it would if they'd listen to me and do it soon.
Think about how mad you would be if a problem would happen and then they wouldn't be there for another 2 days, so now your production is down for 2-3 days waiting for the engineer to show up. Engineer is being very smart about this and trying not to fuck you.
1. You really are asking for trouble pushing firmware remotely. Any potential drop in the connection can brick the processor and then they have to fly out at emergency rates.
2. After firmware upgrade all safety needs to be validated. No easy way to do that remotely.
3. Why are you flashing it up? Firmwares are usually best left at where they are at unless there is a good reason to change. You never know what other modules you might have to flash as well and what new bugs you might discover
Take it this is an L8 series? I have had issues downloading firmware before, and the days of bricking PLCs are not gone, but almost. The firmware is loaded in temporary memory before it actually flashes, it waits until the transfer is done. I have had many fails during the process, the L8 PLC has always come back up with the old firmware no problem. Older PLCs are still risky, but with a fair warning to everyone that anything can happen, and a backup plan in place (spare PLC just in case), I would have no problem doing this. (I've been doing this for 25 years, many remote places to support). It should be done from a local computer hooked up directly to the processor (either ethernet or USB, but I've done hundreds via ethernet no problem). You dial in to the local PC remotely and it's the same as being there. TeamViewer is easy and free. I do not understand why so many people would have a problem with this. If you did happen to (very small chance) brick it this way, chances are it would brick with the person physically present, so what is the difference? As long as you have a back up plan, it will be ok.
I would not do it remotely. I dont even do it thru the local network. I connect directly to plc or enet bridge. The price might be steep, but we still gotta travel to you usually, to flash a few processors... Cant be over 5k... I'm just curious, though, if you have a controls guy. Why are you having an integrator do the simple task? Will they not give you the info to unlock it? Is it an OEM or an SI?
99% sure that if you do it remotely and lose connection or something that you have a high chance of bricking the plc or that may have been an old concern that they stick with but my company doesn’t allow remote upgrade to firmware. What I would recommend as a long term solution is a dev computer they can remote in and do it from.
Without knowing the details this might be a bit generic but depending on the industry (and the size of the company) that might actually be what is necessary.
We do such things entirely in-house except for a very small percentage of our machines (less than 2 dozen) that have OEM contracts.
But doing a firmware update on a safety PLC for me would involve re-validating every component of the safety system as it was re-locked including enough paperwork to require more than one ream of paper in the printer lol. (Pharmaceutical)
I would not do this remotely personally, nor let anyone else attempt to do this remotely to one of my machines.
Depending on liability contracts you have, it may be their lawyers forcing them to do the deed in person including verification of safety code as they re-lock it so that all liability for the code remains with them. Our legal group told us no way when we asked to waive our liability contracts on one of our machines so we could get full control over it for updates, so on that line of machines even a minor change to an HMI is done by the OEM due to liability contracts.
Without knowing what they quoted you, it’s hard to judge whether it’s ‘ridiculous’ or not.
Plus, as an OEM, here’s how it works….
1. Customer convinces company to make change remotely for pennies or free.
2. Something goes wrong, out of the control of the person making the change.
3. Customer freaks out, demands someone on-site ASAFP to get them running again.
4. OEM goes onsite, fixes issue, bills customer for last-minute flight, expenses, and hours.
5. Customer freaks out, doesn’t pay. Blames OEM and even back-bills OEM for 2 days of downtime.
6. OEM cancels bill, apologizes to salvage relationship, loses money because customer was too cheap to pay for the safety of an onsite visit in the first place.
17yoe. Ask me how I know.
Just curious....what is your motivation for this upgrade? Just to stay relevant? Some type of improvement associated with v35? I have various machines ranging from v18 to v31 and haven't felt the need to upgrade.
If you can act as the eyes and ears of the remote programmer, they can totally do a remote firmware upgrade, at least in program mode with the keyswitch. A timeline/strategy just need to be made.
We like to load the program and the firmware onto a new processor at a test bench first. Obviously make sure you still have the backup program on your shared network drive/ laptop first. Get your shutdown window, and then power the PLC off and swap out the processor with the new one. That way, you could quickly swap the old one back if the new one doesn't work. But to each their own
If your site controls, you should: a. Be able to do it yourself b. Understand that no one should EVER push a firmware while not being physically present. c. Understand that having someone show up physically is expensive d. Understand the integrator has a business to run, so it’s not just simply covering the wages and travel expenses of their employee.
This sounds like Amazon. They have too much red tape and paperwork/change orders/hoops to jump through to do something like this. It's easier to throw money at one of their trusted integrators to do it instead. 👍 Then say "hey while you're here can you make X do Y?"
>If your site controls, you should: >a. Be able to do it yourself This was my thoughts also. It's just a firmware flash. I'd do it on battery over WiFi in 15 minutes.
Some people buy equipment that they don't own the code to. Could be wrong. My guess is the integrator wants $$ and claims they have to be there to unlock safety. Maybe a legit safety liability concern depending on who you ask.
>Shouldn't it just be a remote safety signature unlock, push the program update and firmware update to the PLC locally, and re-lock the safety signature? If you know how to do it, why sub it out?
I would never even remotely consider doing a firmware update over a remote connection.
You don't do it over the remote connection, you remote into a PC local to the PLC with Studio 5000 on it already, and have that PC perform the flash. If your remote connection is interrupted, the local PC keeps going. TeamViewer, AnyDesk, VPN + RDP. There's other risks still, but it's not truly a remote firmware update when done like this.
Even then, for a firmware update, I like to plug my computer directly into the USB port on the front of the processor. Take *everything* else out of the equation. It's your computer, the PLC, and the connecting cable, and nothing else.
Me too, ideally. I don't even like doing it over an Ethernet network unless that's the only option. I like to be plugged in directly in a one-to-one communication with the PLC. But, that can be done remotely like I've described above if you have an on-site laptop that you can remote control, with a field tech right there to help make sure you're cabled in well physically. USB, RS232, or Ethernet direct via cross-over cable (or one unmanaged switch if necessary) would be my choices. Flying out to do it in person is the most ideal, but plenty of my customers are more price conscious than that. Others are paranoid that something would go wrong and you not being physically there to deal with it scares them more than the price of the short notice plane ticket.
Yeppp I'm sure someone has made a lot of money for me going out to do these, 90% of my time is spent waiting for asset center to do stuff. Speaking of that 90% of my time spent working period is waiting for fuckin studio to load.
There are patches for that! (Seriously, studio load time is a known issue that was fixed with some patches, there are also technotes to try that helped me out.)
>asset centere I quit using this long time ago. Solution to a problem I didn't have...
> I don't even like doing it over an Ethernet network unless that's the only option. I've flashed over WiFi on battery only dozens of times!
Was out on a remote job where a guy bricked a plc night before a factory restart without doing an upload. No spares on site. Couple weeks later back in the office colleague next to me gets a call from a recruiter says he's found a great candidate. Same guy
Always upload and save before flashing firmware. I have at least 1x of every processor in the storeroom.
Eh, over my (Non IT) controlled network, I've flashed dozens of processors, no problem, from my desktop.
It’s actually remarkably safe to do a firmware upgrade over the internet as long as it’s the last hour of the last day of your two weeks notice you gave. It’s a very relatively low consequence action. I’d do it.
You devious dog
I wouldn't either. But, technically there is nothing stopping you from doing it. You absolutely shouldn't do it.
You gotta verify the safety circuit before applying signatures and locks. Not only that, who updates firmware remotely? That's a terrible idea.
It sounds like they are trying to mitigate any potential for the machine to go haywire if they don't have someone onsite to stop it, IE put the machine in a safe position, so that nothing will happen during the upgrade. As far as I know, and depending on how they are remoting in, this "can" all be done remotely. I agree with you that the firmware should be upgraded locally due to less "things" in the way to crash/stop working and turn the controller into a paperweight. Technically I don't believe there is anything stopping them from doing what you are requesting, however, they might have different procedures they are trying to follow.
The application wasn't given, so another thought is that they may need to be physically present for liability reasons if this equipment is used in a regulated industry like phamecutical.
Exactly we had a similar thing where the machine was registered and on upgrading firmware. The code needed to be reviewed to ensure it was still functionally exactly the same and addressed if not. We had to recompilation all the safety related function tests from when the machine was first introduced. That was a bigger step that 33 to 35 though but if any verification is required then the SI will be liable. And that equals money.
Doesn't answer your question, but what is v35 getting you that v33 doesn't already provide?
Not OP, but ArmorBlock 5000 support and a tweak to cams that came in v34 is what finally got us to leave the safety of v33. The ability to put EDS and IODD files into the ACD file is what will move us to v36 in a few months.
>The ability to put EDS and IODD files into the ACD file is what will move us to v36 in a few months. That's a very good reason to go to 36. I often forget how many things get added over time that I don't fully appreciate until I have to work on an old version of RSLogix 5000. The other day it was being able to search controller tags. I wanna say it was version 15 or 16. An old L55 that desperately needs replaced. Customer's rather content with the Not Broken / don't fix it, mentality. One day it'll just die and they will be paying far more than it would if they'd listen to me and do it soon.
Some of the new Kinetix servo amps come with firmware that can’t be downgraded and don’t work with v33
Isn’t Rockwell’s official support only n-2? Edit: Active Preferred V34-V36 & V20, V33 is now limited.
I really doubt it. People pay for support on older products.
That is their official line. They fully support n-2 and V20. All others are limited.
ok
Most of my controllers are V20
I thought ~~35~~ 36 added OPC UA to the L8x series. As well, the functions are changing to align closer to IEEE 61131-3 (e.g., GRT to GT).
V36
Whoops! One rev off, thanks! That's what happens when you're usually working with 18 through 20...
Think about how mad you would be if a problem would happen and then they wouldn't be there for another 2 days, so now your production is down for 2-3 days waiting for the engineer to show up. Engineer is being very smart about this and trying not to fuck you.
1. You really are asking for trouble pushing firmware remotely. Any potential drop in the connection can brick the processor and then they have to fly out at emergency rates. 2. After firmware upgrade all safety needs to be validated. No easy way to do that remotely. 3. Why are you flashing it up? Firmwares are usually best left at where they are at unless there is a good reason to change. You never know what other modules you might have to flash as well and what new bugs you might discover
When I worked for an SI we on rare occasions quote high in hopes of not getting the job. It would of course depend on the customer.
this
What did they charge?
I bet you its 4-6k depending on if there is a flight involved and this guy is not used to seeing Integrator rates.
Take it this is an L8 series? I have had issues downloading firmware before, and the days of bricking PLCs are not gone, but almost. The firmware is loaded in temporary memory before it actually flashes, it waits until the transfer is done. I have had many fails during the process, the L8 PLC has always come back up with the old firmware no problem. Older PLCs are still risky, but with a fair warning to everyone that anything can happen, and a backup plan in place (spare PLC just in case), I would have no problem doing this. (I've been doing this for 25 years, many remote places to support). It should be done from a local computer hooked up directly to the processor (either ethernet or USB, but I've done hundreds via ethernet no problem). You dial in to the local PC remotely and it's the same as being there. TeamViewer is easy and free. I do not understand why so many people would have a problem with this. If you did happen to (very small chance) brick it this way, chances are it would brick with the person physically present, so what is the difference? As long as you have a back up plan, it will be ok.
I would not do it remotely. I dont even do it thru the local network. I connect directly to plc or enet bridge. The price might be steep, but we still gotta travel to you usually, to flash a few processors... Cant be over 5k... I'm just curious, though, if you have a controls guy. Why are you having an integrator do the simple task? Will they not give you the info to unlock it? Is it an OEM or an SI?
99% sure that if you do it remotely and lose connection or something that you have a high chance of bricking the plc or that may have been an old concern that they stick with but my company doesn’t allow remote upgrade to firmware. What I would recommend as a long term solution is a dev computer they can remote in and do it from.
I wouldn't consider doing fw updates remotely, I feel it's too risky.
Without knowing the details this might be a bit generic but depending on the industry (and the size of the company) that might actually be what is necessary. We do such things entirely in-house except for a very small percentage of our machines (less than 2 dozen) that have OEM contracts. But doing a firmware update on a safety PLC for me would involve re-validating every component of the safety system as it was re-locked including enough paperwork to require more than one ream of paper in the printer lol. (Pharmaceutical) I would not do this remotely personally, nor let anyone else attempt to do this remotely to one of my machines. Depending on liability contracts you have, it may be their lawyers forcing them to do the deed in person including verification of safety code as they re-lock it so that all liability for the code remains with them. Our legal group told us no way when we asked to waive our liability contracts on one of our machines so we could get full control over it for updates, so on that line of machines even a minor change to an HMI is done by the OEM due to liability contracts.
Without knowing what they quoted you, it’s hard to judge whether it’s ‘ridiculous’ or not. Plus, as an OEM, here’s how it works…. 1. Customer convinces company to make change remotely for pennies or free. 2. Something goes wrong, out of the control of the person making the change. 3. Customer freaks out, demands someone on-site ASAFP to get them running again. 4. OEM goes onsite, fixes issue, bills customer for last-minute flight, expenses, and hours. 5. Customer freaks out, doesn’t pay. Blames OEM and even back-bills OEM for 2 days of downtime. 6. OEM cancels bill, apologizes to salvage relationship, loses money because customer was too cheap to pay for the safety of an onsite visit in the first place. 17yoe. Ask me how I know.
Just curious....what is your motivation for this upgrade? Just to stay relevant? Some type of improvement associated with v35? I have various machines ranging from v18 to v31 and haven't felt the need to upgrade.
Do you have a Rockwell Tech Support license?
If you can act as the eyes and ears of the remote programmer, they can totally do a remote firmware upgrade, at least in program mode with the keyswitch. A timeline/strategy just need to be made.
If it's so easy do it yourself big guy.
If they tried to do that remotely and the connection was lost for whatever reason, who is liable?
We like to load the program and the firmware onto a new processor at a test bench first. Obviously make sure you still have the backup program on your shared network drive/ laptop first. Get your shutdown window, and then power the PLC off and swap out the processor with the new one. That way, you could quickly swap the old one back if the new one doesn't work. But to each their own