Third-party connectivity, Ads-wcf, A.3. third-party connectivity – BECKHOFF IPC-Security User Manual
Page 36: A.3.1. ads, A.3.2. ads-wcf
A.3. Third-Party connectivity
Third-party connectivity involves the connection of other systems, e.g. HMI, MES, ERP or other external
applications, to the PLC runtime, e.g. to cyclically read or write process values
There are several communication protocols available to achieve this kind of connection. This article de-
scribes three common ways to communicate with TwinCAT via well-known communication protocols. For
each protocol, the implemented security mechanisms will be briefly described.
A.3.1. ADS
The Automated Device Specification (ADS) is a proprietary communication protocol developed by Beckhoff
Automation. ADS has been developed to maximize throughput and data flow between TwinCAT components
and to enable communication via different transport protocols, e.g. to transmit ADS over a TCP or even
a serial communication channel. Because of this goal, ADS has not been designed to achieve security
purposes and therefore does not include any cryptographic algorithms because of their negative effect on
performance and throughput. However, ADS implements user authentication when establishing an ADS
route between two TwinCAT devices. Please also see chapter A.3 for more detailed information about ADS
and its corresponding routes.
A.3.2. ADS-WCF
The Windows Communication Foundation (WCF) represents Microsoft’s modern web service technology.
WCF provides a single API for cross-process/cross-network communication needs in Microsoft .NET. From
a security perspective, WCF already includes security mechanisms which are available in the API via so-
called profiles.
Beckhoff provides customers with a WCF web service that can be used to communicate with TwinCAT PLC.
All needed binaries for this web service are already included in TwinCAT setup and only need to be activated
and used by the customer’s application. This application would then act as an WCF-client. Please also see
[2] for more information.
A.3.2.1. Authentication
WCF supports the following models to authenticate a WCF-client:
▪ Username / password
36