Modicon M580 Controller Firmware History Release Notes

Legal Information

The information provided in this document contains general descriptions, technical characteristics and/or recommendations related to products/solutions.

This document is not intended as a substitute for a detailed study or operational and site-specific development or schematic plan. It is not to be used for determining suitability or reliability of the products/solutions for specific user applications. It is the duty of any such user to perform or have any professional expert of its choice (integrator, specifier or the like) perform the appropriate and comprehensive risk analysis, evaluation and testing of the products/solutions with respect to the relevant specific application or use thereof.

The Schneider Electric brand and any trademarks of Schneider Electric SE and its subsidiaries referred to in this document are the property of Schneider Electric SE or its subsidiaries. All other brands may be trademarks of their respective owner.

This document and its content are protected under applicable copyright laws and provided for informative use only. No part of this document may be reproduced or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), for any purpose, without the prior written permission of Schneider Electric.

Schneider Electric does not grant any right or license for commercial use of the document or its content, except for a non-exclusive and personal license to consult it on an "as is" basis.

Schneider Electric reserves the right to make changes or updates with respect to or in the content of this document or the format thereof, at any time without notice.

To the extent permitted by applicable law, no responsibility or liability is assumed by Schneider Electric and its subsidiaries for any errors or omissions in the informational content of this document, as well as any non-intended use or misuse of the content thereof.

Safety Information

Important Information

Read these instructions carefully, and look at the equipment to become familiar with the device before trying to install, operate, service, or maintain it. The following special messages may appear throughout this documentation or on the equipment to warn of potential hazards or to call attention to information that clarifies or simplifies a procedure.

⚠️ The addition of this symbol to a "Danger" or "Warning" safety label indicates that an electrical hazard exists which will result in personal injury if the instructions are not followed.

⚠️ This is the safety alert symbol. It is used to alert you to potential personal injury hazards. Obey all safety messages that follow this symbol to avoid possible injury or death.

DANGER indicates a hazardous situation which, if not avoided, will result in death or serious injury.

WARNING indicates a hazardous situation which, if not avoided, could result in death or serious injury.

CAUTION indicates a hazardous situation which, if not avoided, could result in minor or moderate injury.

NOTICE is used to address practices not related to physical injury.

Please Note

Electrical equipment should be installed, operated, serviced, and maintained only by qualified personnel. No responsibility is assumed by Schneider Electric for any consequences arising out of the use of this material.

A qualified person is one who has skills and knowledge related to the construction and operation of electrical equipment and its installation, and has received safety training to recognize and avoid the hazards involved.

Before You Begin

Do not use this product on machinery lacking effective point-of-operation guarding. Lack of effective point-of-operation guarding on a machine can result in serious injury to the operator of that machine.

Unguarded Equipment

WARNING

• Do not use this software and related automation equipment on equipment which does not have point-of-operation protection.
• Do not reach into machinery during operation.

Failure to follow these instructions can result in death, serious injury, or equipment damage.

This automation equipment and related software is used to control a variety of industrial processes. The type or model of automation equipment suitable for each application will vary depending on factors such as the control function required, degree of protection required, production methods, unusual conditions, government regulations, etc. In some applications, more than one processor may be required, as when backup redundancy is needed.

Only you, the user, machine builder or system integrator can be aware of all the conditions and factors present during setup, operation, and maintenance of the machine and, therefore, can determine the automation equipment and the related safeties and interlocks which can be properly used. When selecting automation and control equipment and related software for a particular application, you should refer to the applicable local and national standards and regulations. The National Safety Council's Accident Prevention Manual (nationally recognized in the United States of America) also provides much useful information.

In some applications, such as packaging machinery, additional operator protection such as point-of-operation guarding must be provided. This is necessary if the operator's hands and other parts of the body are free to enter the pinch points or other hazardous areas and serious injury can occur. Software products alone cannot protect an operator from injury. For this reason the software cannot be substituted for or take the place of point-of-operation protection.

Ensure that appropriate safeties and mechanical/electrical interlocks related to point-of-operation protection have been installed and are operational before placing the equipment into service. All interlocks and safeties related to point-ofoperation protection must be coordinated with the related automation equipment and software programming.

NOTE: Coordination of safeties and mechanical/electrical interlocks for pointof-operation protection is outside the scope of the Function Block Library, System User Guide, or other implementation referenced in this documentation.

Start-up and Test

Before using electrical control and automation equipment for regular operation after installation, the system should be given a start-up test by qualified personnel to verify correct operation of the equipment. It is important that arrangements for such a check are made and that enough time is allowed to perform complete and satisfactory testing.

EQUIPMENT OPERATION HAZARD

• Verify that all installation and set up procedures have been completed.
• Before operational tests are performed, remove all blocks or other temporary holding means used for shipment from all component devices.
• Remove tools, meters, and debris from equipment.

Failure to follow these instructions can result in death, serious injury, or equipment damage.

About the Book

Document Scope

This document presents a history of Modicon M580 controller firmware releases, including a description of improvements made to each firmware release.

The firmware update procedure can be found in the Modicon M580 - Update Procedure, User Guide.

NOTE: Schneider Electric firmware is continuously reviewed and updated to maintain a high level of quality of our products.

Ensure your installation is up to date with the newest firmware versions, to help protect your infrastructure against cybersecurity threats and to experience improved quality performance.

For further information please visit the Schneider Electric Cybersecurity Support Portal: https://www.se.com/ww/en/work/support/cybersecurity/overview.jsp

Validity Note

This document is valid for Modicon M580 firmware versions up to and including version 4.20.

For product compliance and environmental information (RoHS, REACH, PEP, EOLI, etc.), go to www.se.com/ww/en/work/support/green-premium/.

Information on Non-Inclusive or Insensitive Terminology

As a responsible, inclusive company, Schneider Electric is constantly updating its communications and products that contain non-inclusive or insensitive terminology. However, despite these efforts, our content may still contain terms that are deemed inappropriate by some customers.

M580 Firmware Versions

M580 V04.20

Limitations

EADM is a common utility tool used for updating firmware in many Schneider Electric Industrial Automation products and can be downloaded here: https://www.se.com/ca/en/download/document/EADM/

Inoperable Equipment

• Do not upgrade with firmware version 4.01 or later any of the following Modicon M580 commercial references with a product version (PV) 3 or earlier: BMEP581020(H), BMEP582020(H), BMEP582040(H), BMEP583020, BMEP583040, BMEP584020, BMEP584040.
• If you intend to upgrade the M580 controller with a firmware version 4.01 or later, and you are using a Modicon M580 RTU module in association, first upgrade the RTU module to firmware version 03.02.02 or later and test your application.
• If you intend to upgrade the M580 controller with a firmware version 4.01 or later, and you are using a Modicon BMENOC0301 or BMENOC0311 module in association, first upgrade the BMENOC module to firmware version 02.20 or later and test your application.
• If you intend to upgrade the M580 controller with a firmware version equal to or greater than 4.01, and you are using a Modicon BMENOC0321 module in association, first upgrade the BMENOC module to firmware version 1.09 or later and test your application.

NOTE: Product version (PV) can be found on the product label. Current software version (firmware version) running on the product can only be found in connected mode with: EcoStruxure Automation Device Maintenance (EADM) or EcoStruxure Control Expert.

M580 V04.20 Improvements

• Improvement of Cybersecurity: New Secure Engineering link modes. Support of HTTPS communication between M580 controller and Control Expert.
• Improvement of SYSLOG events recovery: The SYSLOG events are stored in the M580 non-volatile memory, they can be recovered and downloaded from the M580 webpage using an HTTPS connection.
• Security Vulnerability Addressed: CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel
• Bug fix: BMEP584040 I/O Scanner control bit (DIO_CTRL) that had been working incorrectly by resetting the bit repeatedly between 0 and 1 without effect.
• Security Vulnerability Addressed: CVE-2023-6408
• New Cybersecurity Feature: M580 V4.20 feature enabling external access to SYSLOG from web pages.
• Security Vulnerabilities Addressed: CVE-2018-7855, CVE-2023-5735
• Security Vulnerability Addressed: CVE-2022-45789
• Bug fix: Control Expert V15.2 & M580 Hot Standby v3.20, which were non-operational on application download.
• Third-party components updated for cybersecurity: OpenSSL (CVE-2023-0286, CVE-2022-4304, CVE-2023-0215, CVE-2022-4450)
• Bug fix: M580 V4.10 unable to connect via TFTP to EF OPCUA client

NOTE: EcoStruxure Control Expert V16.0 is required to use the new features of M580 controller Firmware version 4.20 (i.e., select M580 controller V4.20 as the application level).

Firmware version 4.20 is compatible only with the Modicon M580 Standard offers (Standalone and Hot Standby controllers). The Modicon M580 Safety offer is not supported by this release.

V4.20 M580 Controller Firmware New Features

• Secure Communication Drivers
• Engineering Link Modes
• Security Editor Whitelist, page 12
• Security Editor Password, page 12
• SYSLOG Events Recovery, page 12

Secure Communication Drivers

HTTPS and HTTPS via USB are new drivers that support secure engineering links.

NOTE: For clarity, two pre-existing drivers have been renamed:

• TCPIP is now Modbus TCP
• USB is now Modbus TCP via USB

Engineering Link Modes

Depending on the level of targeted cybersecurity, you can select one of the following three Engineering Link Modes:

Full Access

The controller behaves as in previous firmware versions. Secure and non-secure communications are accepted.

• For Control Expert communication, the controller accepts the non-secure drivers Modbus TCP and Modbus TCP via USB or secure drivers HTTPS and HTTPS via USB.
• For SCADA or controller to controller communication, Modbus TCP (port 502) is accepted.

Filtered (default)

A hybrid mode you can use to apply cybersecurity on the engineering link, and non-secure connectivity on links to SCADA or other controllers.

• For Control Expert communication, the controller accepts the secure drivers HTTPS and HTTPS via USB.
• For SCADA or controller to controller communication, Modbus TCP (port 502) or UMAS (OFS) are accepted.

NOTE: In Filtered mode, the controller accepts the unsecure drivers Modbus TCP and Modbus TCP via USB but only with Connection mode set to monitoring in the options of the project. Monitoring mode is a read only mode, where it is not possible to download an application to the controller or stop the controller.

Enforced

This mode provides the highest level of security. Only secure protocols are accepted by the controller:

• For Control Expert communication, the controller accepts only the secure drivers HTTPS and HTTPS via USB.
• For SCADA or controller to controller communication, Modbus TCP (port 502) or UMAS (OFS) are NOT accepted.

M580 V04.10

Firmware Version 04.10 Improvements

• Improvement: M580 SD card diagnostic in %SW97 for application mismatch
• Improvement: M580 SD card diagnostic in %SW97 for missing SD card
• Fix: M580 Forced bit counter decrement in %SW102 and %SW108 when over limit of 1024
• Add: System time catchup bit status %SW73.4 in Time Stamping feature
• Improvement of robustness: For some Modbus commands
• Improvement of cyber security protection: CVE-2022-45788
• Restriction: "Initialize %MWi on cold start" option to not reset %SW138 and %SW141
• Fix: Regression since 4.02 affecting reconfiguration of submodules with FDR and FTP
• Improvement: M580 diagnostics in DiagFiles
• Improvement: Cyber security linked to UMAS protocol
• M580 controller start-up time with firmware version 4.10 and later is increased by 50% compared to firmware version 3.20.

NOTE: Firmware version 4.10 replaces version 4.02, which is no longer available. EcoStruxure Automation Device Maintenance (EADM) version V3.1.147 or later is required to perform the firmware upgrade operation.

EcoStruxure Control Expert V15.3 is required to use the new features introduced with the M580 controller Firmware version 4.10 (select M580 controller V4.10 as application level).

Firmware version 4.10 is compatible only with the Modicon M580 Standard offer (Standalone and Hot Standby). The Modicon M580 Safety offer is not supported.

M580 V04.02

Firmware Version 04.02 Improvements

• Fix: Regression since 4.01. When using Modbus FC 15 to write multiple coils to M580 controller, the result of the operation is not predictable.
• Fix: Regression since 4.01. It is not possible to update firmware of X-bus only in-Rack modules through the controller backplane. X-bus modules with Ethernet front port access are not impacted. For BMXNOM0200 module firmware update, M580 rack power supply must be reset manually after the operation.

NOTE: Firmware version 4.02 replaces version 4.01, which is no longer available. Use version 4.02 or later in place of version 4.01.

EcoStruxure Control Expert V15.2 is required to use the new features introduced with M580 controller firmware version 4.01 (select M580 controller V4.00 as application level).

Firmware version 4.02 is compatible only with the Modicon M580 Standard offer (Standalone and Hot Standby). The Modicon M580 Safety offer is not supported.

M580 V04.01

Firmware Version 04.01 Improvements

• Improvement of cybersecurity protection: Secure firmware update with EcoStruxure Automation Device Maintenance
• Improvement of cybersecurity protection: HTTPS for Data Storage, webpage access and firmware update (Self-Signed certificates)
• Implementation of a new feature: SNMPv 3 (NoAuthNoPriv only)
• Implementation of a new feature: NTPv4 client/server and NTPv4 server for better time precision and resiliency
• Implementation of a new feature: OPC UA Client as Elementary Function Blocks (EF) compliant to PLCopen Standard
• Improvement of event log: Update SYSLOG version RFC 3164 to RFC 5424
• Implementation of a new feature: Support BMENUA0100(H) Firmware version 2.01 for customized unique role name
• Implementation of a new feature: New Controller Device DDT type "T_BMEP58_ECPU_EXT2" including NTPv4 diagnostics
• Removed: Controller Device DDT type "T_BMEP58_ECPUPRP_EXT" (only for application version >4.00)
• Removed: HTTP protocol
• Removed: FTP protocol for Data Storage and firmware upload
• Removed: SNTP (only for application version >4.00)
• Improvement of cyber security protection.
• Denial of Service: M580_CE v15 SP1
• Improvement of cyber security protection.
• Denial of Service: M580
• Improvement of cyber security protection.
• Vulnerabilities: M580 BadAlloc Multiple RTOS vulnerabilities (Refer to CVE 2020 35198 - CVE 2020 28895 for more details)
• Improvement of cyber security protection.
• Denial of Service: M580_Integer Underflow
• Improvement of cyber security protection.
• Denial of Service: M580
• Vulnerabilities: Refer to CVE2021-22779 for more details
• Improvement of cyber security protection.
• Information disclosure: M580
• Vulnerabilities: Refer to CVE2021-22786 for more details
• Improvement of cyber security protection
• Vulnerabilities: M580 XSS vulnerabilities contained in JQuery (Refer to CVE-2020-11022 and CVE-2020-11023 for more details)
• Improvement: New SYSLOG event, Hot Standby system states (Primary/Standby/Wait)
• Fix: M580 controller receiving zone disorder for multiple READ_VAR calling
• Robustness increase: New diagnostic mechanism (history traceability) with essential system word information for better support purpose from Schneider Electric
• Fix: Cold start (instead of warm start) on power up issue with BMEP5820X0 PV15 FW3.20
• Fix: M580 Hot Standby losing CRA Drops on swap from Prim->Stby when performing online change on an application using more than 70 EDS files.
• Fix: M580 DIO_CTRL bit not working as expected for the Modbus TCP IO Scanner
• Fix: After a Power ON, the standby has MS and NS LED steady red
• Fix: %SW49 freezes and was not updated as expected.
• Fix: String_to_real conversion when 'generate with LD link animation' option unchecked
• Fix: Regression from 2.90 to 3.20 in BMEP582040 - IO SCANNING, missing devices in the IO scanner
• Fix: Write Only IO Scanning function between 2 NOCs giving bad status in DDT SCANNER_OK variable and DIO_Health[x] variable
• Fix: Regression from 3.10 to 3.20 in BMEH6040, BMENUA0100 is abnormally disconnected after each swap by application.
• Fix: Drop loss after drop power cycle
• Fix: M580 - crashes in 0xEC10 due to EtherNet/IP stack

M580 V03.30

Firmware Version 03.30 Improvements

• Improvement: Support of the Modicon M580 Safety commercial reference BMEP586040S

NOTE: Firmware version 3.30 is only available for safety processor BMEP586040S.

M580 V03.22

Firmware Version 03.22 Improvements

• Manufacturing tests support for new hardware PV25.
• Fix: Unexpected "Cold start" at power up issue for BMEP582020 and BMEP582040.

NOTE: Firmware version 3.22 is not available in se.com.

In Modicon M580 Hot-Standby systems, level of Firmware version in both controller "A" and "B" must be equal. Controller PV 25 with Firmware version 3.22 can be downgraded to earlier software versions (Firmware version).

M580 V03.20

Firmware Version 03.20 Improvements

• Implementation of a new feature: Data memory protect settings in the variable editors
• Improvement of cyber security protection: Refer to CVE-2019-6848 for more details
• Improvement of cyber security protection: Refer to CVE-2019-6849 for more details
• Improvement of cyber security
• Increases robustness: Controller on access to the webserver
• Fix: SNMP answer data regression since 2.80
• Resolved: Remote Denial Of Service while using a specific Python script; controller went into an stop managed exception. Refer to CVE-2020-7543 for more details
• Increases robustness: Controller communication EF on big number of simultaneous connections.
• CFB: Error when reading a TOD variable (Error when retrieving local variable type despite variable well declared)
• Increases robustness: Controller for SFC section on warmstart
• Corrected: Stop managed exception vulnerability of the controller caused by a specific UMAS command. Refer to CVE-2020-7537 for further details.
• Increases robustness: Hot Standby system, in case of very long task period (to prevent de-synchronization)
• Improvement of the reliability: Controller workload diagnostic value
• Increases robustness: Controller against memory leak issue, on some types of LLDP frames occurrence.
• Increases robustness: Controller against removal of a device accessible through a gateway.
• Removed: Wrong diagviewer message "HSBY: Degraded hsby data transfer"
• Implementation of the "monotonic time" black channel for safety systems.
• Remove: The 6 extension racks unexpected limitation.
• Correction: Align the SYSLOG events messages text with online documentation.
• Enhancement of the performance: When in parallel branches in SFC language.
• Fix: Bad display of the links in FBD section on the program viewer using the webserver.
• Improvement of cyber security protection on webserver
• Implement new version of safety coprocessor.
• Restored: Error reporting service of the send_email function block.
• Fix: Hot Standby device_ddt EIO_ERROR status that was toggling.
• Implementation of the capability: Recover from a long catchup state without stopping the process
• Implementation of the safety monotonic time principle
• Implementation of a new feature: SFC "final scan"
• Improvement of cyber security memory read protection
• Improvement of controller device DDT about SD Card diagnostics
• Increases robustness: Heavy safety systems (managed exception after few hours running)
• Enhancement of the reliability: Hot Standby device_DDT "SYNC" diagnostic for BMEH586040 controllers.
• Fix: NOC disconnection (IP lost) on app transfer following several online modifications
• Fix: Variable initialization issue after init on SFC

M580 V03.10

Firmware Version 03.10 Improvements

• Improvement: Support of the CIP Safety protocol for the standalone Safety controllers BMEP582040S and BMEP584040S
• Improvement of cyber security protection: Denial of service on invalid inputs on firmware upgrade
• Improvement of cyber security protection: Denial of service: Operating System reinforcement
• Improvement: Optimization of the max start-up delay between wait and run-primary state on Hot Standby controller when no peer controller is connected
• Improvement: Safety controller NTP time update via BMENOC0301.4 or BMENOC0311.4
• Improvement of cyber security protection: Denial of Service on invalid inputs

M580 V02.90

Firmware Version 02.90 Improvements

• Improvement of cyber security protection: Denial of service on invalid inputs
• Fixes: Byte swap issue following Modbus I/O scanning modification. When the I/O scanner of the controller writes data to any devices, swap of byte might appear in specific conditions. This issue was present on legacy versions.
• Improvement of cyber security protection: Unauthenticated write data request
• Enhancement: The controller informs the NOR that it's in summer time. %S58.
• Adjust: Behavior of the controller in case of data checksum error (reboot instead of exception stop).
• Harmonizes: Behavior of the variables initialization on all controller ranges.
• Increases robustness: Controller when loading an application level V1.10 in controller with V2.8
• Improvement of the robustness: On swap on Safety Hot Standby controller.
• Improves the behavior: I/O scanner lines control bits when the M580 scans a Schneider M221 controller.
• Improves the readability: RIO diagnostics
• Improves the robustness: Standby Safety controller following CCOTF and application transfer from Primary to Standby.
• Fix: Wrong cabling on the coax side of the 140CRA31908 was not detected. The fix of this issue requires a 140CRA firmware V2.40 and the OS V2.90
• New feature: Prevent downgrade firmware Firmware version<2.90 in the controllers with PV referenced below.
• Improvement of cyber security protection: Denial of service on invalid application transfer
• Improves the robustness: Following modification on line. (when replacing wire between 2 FBs by variable)
• Improvement of cyber security protection: Denial of service on HTTP request
• Improves the firmware upgrade robustness with Unity Loader
• Fixes: M580 - %SW87 - the Number of Queries not matching between client and server
• Improvement of cyber security protection: Buffer overflow in FTP service
• Fixes: Backup LED is reported incorrectly in web page.
• Improvement of cyber security protection: Unauthenticated modification of application
• Improvement of cyber security protection: Denial of Service on controller reservation
• Improvement of cyber security protection: Unauthenticated application transfer
• Improves robustness during big amount of project downloads
• Enriches the event log (SYSLOG protocol) when the firmware of the controller has been upgraded

NOTE: To be able to select the M580 V2.90 controller and its features in Control Expert V14.0 applications, installation of the following hot fix for Control Expert V14.0 is required: "ControlExpert_V140_HF_PMEPXM0100_ HF0312169E"

M580 V02.80

Firmware Version 02.80 Improvements

• Description: LED ERR blinks in storm condition
• Description: Controller Device DDT Network Health bit now returns to 1 when issue of Storm/Network disappears
• Description: BME*58*0*0 controllers do not lose anymore I/O scanning tick
• Description: BME*58*0*0 controllers - enable CIP requests when sender / receiver is a controller
• Improvement of cyber security protection.

M580 V02.70

Firmware Version 02.70 Improvements

• New feature: Manage time stamped events on user defined trigger (external sources such as power breaker...)
• Addition of 2 diagnostic messages: In the primary diagnostic viewer concerning counterpart controller: "becomes standby" & "no more standby"
• Improve: SD Card driver robustness
• Enhance cybersecurity features: Regarding Run/Stop input and reservation mechanism management
• Enhance cybersecurity features: Regarding buffer overflow in TFTP service
• Enhance cybersecurity coding rules: On instruction "STRNCPY"
• Enhance cybersecurity coding rules: For Software Development Lifecycle
• Enhance cybersecurity: Regarding controller memory robustness
• Enhance "READ_VAR" robustness: Against multiple fast disconnection / reconnections of Ethernet cable on NOC module
• Improve NTP service: To fix the "RTC = 2085+" issue
• NTP service: When using NTP service, the controller now displays correct information in the % SW53
• NTP service: When using NTP service, the controller now always keeps RTC updated on power cycle
• Enhance robustness: Regarding FTP access to SD card (could lead to HALT)

M580 V02.60

Firmware Version 02.60 Improvements

• Improvement: Support of the reference BMEP582040S

NOTE: Firmware version 2.60 is only available for safety processors BMEP584040S.

Downgrading the BMEP584040S can only be executed by Schneider Electric support services.

NOTICE

INOPERABLE EQUIPMENT

Do not downgrade a BMEP584040S to the Firmware version 2.40.

Failure to follow these instructions can result in equipment damage.

M580 V02.50

Firmware Version 02.50 Improvements

• Correction: Problem related to frozen variables that might happened after a SFC initialization in seldom cases
• Internal Modbus server robustness enhancement: Against malformed Frame
• ECC activation: (Error Correcting Code) - see notes
• Fix: I/O scan that didn't work due to a RST_ACQ
• Internal HTTP server robustness enhancement: Against malformed Frame
• Restore SYSLOG function: That was not available anymore since v2.30
• Increase of backup application speed
• Update processor settings: Based on the latest manufacturer recommendations
• Enrich: Diagnostic file information to ease and make more efficient problem resolution by R&D
• Fixes: Seldom "3 red LEDs" behavior on rack reset (CPS button)

NOTE: An Error Correcting Code mechanism improves the robustness of the controller against memory bit flips (soft errors) during its lifetime. This feature allows the controller to reach a level of robustness that exceeds the quality standard and might also impact the cycle time of the controller. It is recommended to check that the application cycle time after upgrade conforms with application requirements.

NOTICE

INOPERABLE EQUIPMENT

Do not power off the controller when upgrading the controller to 2.50 or later from an earlier version (or vice versa).

Failure to follow these instructions can result in equipment damage.

M580 V02.41

Firmware Version 02.41 Improvements

• Improvement: Support of the CCOTF (Configuration Changes On The Fly) function in S908 drops behind a 140CRA31908. The minimum requirements for this function are: Unity Pro v12.0 Hot Fix or Unity Pro v13.1 or later (Unity Pro v13 does not support CCOTF on S908); 140CRA31908 FW version 2.30 or later; 140CRP93xxx FW version 2.10 or later; 140CRA93xxx FW version 2.03 or later; BMEx584040 or BMEP585040 or BMEx586040 FW version 2.41 or later.
• Improve robustness: On power cycle when tasks cycle periods are close to 1ms
• Improve the robustness: Of cancelling a communication function block when used in a FAST task. Reminder: it is not recommended to use communication function block in FAST tasks.
• Improve robustness of the system: When 2 breakpoints are used consecutively within the same ST section
• Evolution of "device DDT" mode behavior: So that the I/O power supply validity is evaluated before the logic (like in "topological" mode).
• Fixes: Incorrect information displayed in the webpage concerning the DHCP feature: even if enabled, the webpage was displaying it disabled.
• Prevent the system to go to HALT: When large number of communication function blocks are used (80 or more per cycle) and when the execution cycle duration is close to the configured period.
• Optimize the performances: When %SW90 is used to expand the default number of communication requests possible per cycle
• Avoid a rare situation: Where the controller might go to the NO CONF state upon power cycle in case of very large application (memory close to be full)
• Robustness improvement: Of the communication system in case of heavy loads

NOTE: Firmware version 2.41 is available only for processors level 40 and later. The impact of performances introduced in v2.30 has been resolved and is back to normal.

M580 V02.30

Firmware Version 02.30 Improvements

• Improve the robustness: Of the redundant system to avoid a very seldom case where the RIO bumped on 1 cycle after a controller switchover triggered by a complete loss of visibility the RIO network by the primary (both the 2 controller ETH ports disconnected)
• Prevent: Any RIO drop disconnection in rare cases of a misformed DHCP telegram
• Change the behavior: Of the NTP management in order to avoid the system time to shift one hour less when BMXNOR0200H is set as NTP client.
• Improve robustness: On proprietary FC90 Modbus server in controller
• Implement a new algorithm: Against TCP sequence number vulnerability giving now unpredictable random TCP sequence numbers
• Change the behavior: Of the SCHEDULE function block to be aligned with the user documentation: Sunday was assign to bit 7 in WEEK instead of 0
• Improve SYSLOG system: Where some events described in user manual were not recorded (Application and configuration upload / download)
• Improve robustness: Of the internal communication system to avoid it being overloaded by too many requests that resulted into diminished communication performances
• Improve robustness: Of the system against very seldom cases where specific DTM files loaded into the controller lead to a controlled stop unexpectedly.
• Increase robustness: Of the system when sending communication FC90 requests via WRITE_CMD_MX that could lead to a controlled stop unexpectedly
• Increase the robustness: Of the web server (rack viewer part) to avoid, in very seldom case, to trigger a controlled stop of the controller unexpectedly
• Increase the robustness: Of the redundant system related to Ethernet IP scanner & adapter services that might stop after intensive controller swaps
• Fix: A seldom behavior in the firmware download processing that could lead to the following error message "Flash upgrade error: S_False"
• Fix: A very seldom case of system controlled stop (managed exception state EC10) when downloading a new firmware in the controller
• Fix: A seldom issue that lead to a unexpected state in the module re-configuration after a hot swap due to high frequency of explicit communication EF activation (READ_VAR, WRITE_VAR...) - typically less than 50ms.

NOTE: Firmware version 2.30 is available only for processors level 40 and later. It may impact performances under specific operating conditions (up to +30% of scan time measured) due to enhancements concerning operating system cybersecurity. After updating the processor version from an existing application, check if this impact appears and study the potential consequences in the system.

M580 V02.20

Firmware Version 02.20 Improvements

• Fix: Communication server issue when many communication EFs are started at the same time, could lead to error code 7.
• Fix: Communication EF operating mode issue in redundant configuration: Controller waits now until its IP address is correctly set after a controller swap (Hot Standby) before executing communication EF. Wrong IP address could previously be used by Modbus EF during first Mast cycle after a swap that lead to communication errors.
• Improvement: Enhance diagnostic for redundant system: %SW61.5 support to get access by program to the information of controller A and controller B
• Fix: Real time issue on Ethernet IP system when processing arpResolv request: task could be interrupted during up to 600ms, that could lead to a bump on CRA.
• Fix: Seldom issue that lead to a controller stop (error code EC04) after around 20 000 swaps on redundant system. (robustness of tDiagMgrPoll system task).
• Fix: Seldom issue that lead to a controller stop (error code EC04) after application swaps on redundant system. (robustness of tLLDP system task).
• Improvement: Enhance diagnostic in case of unexpected system stop thank to a new file /usr/diag/crash.txt generated. It includes the complete VxWorks call stack of the faulty task.
• Fix: Issue on software upload when password activated.
• Fix: Robustness issue that could lead to a controlled stop of the controller after receiving PTP Ethernet packets.
• Fix: Issue on %S94 operating mode that caused the BMENOC falling in "No Conf" state.
• Improvement: Enhance application upload operating mode to block the upload when controller is not reserved to increase the security.
• Fix: Issue on SET_FILE_ATTRIBUTES EF that didn't change the file attributes successfully on M580.
• Fix: Diagnostic issue on RIO DDT heartbeat (trigger too sensible)
• Fix: Issue on the redundant M580 controller to make the redundant link more robust to avoid seldom cases of controller B in "Wait" state after several power cuts
• Fix: Issue regarding auto-negotiation feature of the wired Hot Standby high speed link.
• Fix: Issue that leads to system stop (error code EC10) of redundant M580 controller when performing operating modes on both %S94 and %S66
• Fix: Issue that leads to a controller stop (root cause was a watchdog overflow on EtherNet/IP) when disconnecting the Ethernet link connected with many scanned devices
• Fix: Issue that leads to a controller stop (root cause was a watchdog overflow on EIP - %SW124=0x001F) when controller alternative power cycles
• Fix: Issue on the SFP after restarting the system that could lead to have a Hot Standby Link Down.
• Improvement of robustness on hardware watchdog by changing internal system timeout values of MAC2.

M580 V02.13

Firmware Version 02.13 Improvements

• Fix: The issue introduced with v2.12 where the controller does not boot after power cycle

M580 V02.12

Firmware Version 02.12 Improvements

• Improvement: Change the management of closing TCP connection (to be aligned as M340)
• Improvement: Miscellaneous robustness improvements
• Improvement: Support BMENOC IO Scanning upgrade (from 1.8KW to 3.7 KW)
• Improvement: Support of the Redundant Power Supplies (BMXCPS4002) advanced diagnostic function blocks
• Improvement: Support of the Global Data Module (NGD)
• Fix: The 10 years offset issue if time reference for NTP is coming from BMXNOR0200
• Fix: Wrong display in millisecond of value coming from R_NTPC() function.
• Fix: Arithmetic error wrongly generated when using FFB R_N NTPC function block
• Fix: Offset issue when M580 answering to Modbus FC02 and FC04 requests from SCADA (same mapping than Quantum now)
• (Hot Standby only): Fix the wrong behavior of remote IO frozen if remaining Hot Standby controller goes into HALT state
• Fix: Wrong behavior of the %S9 not working properly at first controller cycle

NOTE: Firmware version 2.12 is no longer available. Use version 2.13 or later in its place.

M580 V02.10

Firmware Version 02.10 Improvements

• Fixed: Alignment issue in IO Scanner when a sequence of specific manipulations is done related to adding / modifying and removing line upon several build
• Fixed: Potential loss of signature of an SD Card upon power cycle
• Improvement: Animation enabled on function REF_TO_ANYBOOL when mapped on extracted bit
• Improvement of data_exch CIP address input parameter in order to avoid having to write it in the DFB at each cycle.
• Improvement of cybersecurity robustness against: Periodic configuration change at each cycle using ETH_PORT_CTRL block (ex: enable / disable FTP); FTP session still active when FTP disable using ETH_PORT_CTRL block; Controller SYSLOG events recording improvement in case of FW update or controller reboot
• Fixed EIP communication issues between M580 and M340 BMXNOC0401 in Ethernet / IP (it was OK for Modbus TCP)
• Improvement: Support of State RAM for BMEP584040
• Improvement: Support of Quantum Ethernet drops (140CRA31200) for BMEP584040
• Improvement: Support of some Quantum function blocks for BMEP584040
• Improvement: Support of Rack Viewer for BMEP584040
• Improvement: All controllers: Support of Redundant Power Supplies BXCPS4002 (status and function blocks)

NOTE: Firmware version 2.10 does not support, and cannot be use on, M580 Hot Standby controllers (BMΕ H 58xxxx).

M580 V02.01

Firmware Version 02.01 Improvements

• Scanner controller DDDT evolution: To simplify user interface (new health bit and control bit per device...)
• Numbering schema change: Device ID, Connection ID, Object ID, Compatibility to simplify user interface
• ANYBOOL support for on line animation
• Time stamping support for local variables of the controller
• Enhance cybersecurity features: Enable/Disable unused services, support EtherNet/IP, DHCP, BOOTP services, Hardening Access Control (ACL), Disable FTP on Ethernet when in NOCONF mode, Event Logging
• Device Integration: Support of 'R' Ready devices
• Support of CCOTF on Local IO
• Fix: Potential issue where an undesirable output was one during the first controller cycle after start-up
• Fix: When the controller is HALTed, the DIO outputs keep the last values -> the fix is to stop the IO scanner to activate the fall back values
• No Ethernet IP connection (with drive Danfoss FC102)
• Enhance DIO management: For class 1 CIP connections (controller DIO connection internal time-outs)
• FTP password for firmware upload must be configurable
• DEVICE_CNX_CTRL bits management is not correct on M580 controller Device DDT for STB
• M580 data Freshness bits management do not behave as described in the documentation
• Enhance FTP robustness against too long login names
• Increase the reliability of the firmware integrity self-test

M580 V01.13

Firmware Version 01.13 Improvements

• Unity Loader being connected to a BMXEHCxxx via a controller: The controller may go in "NO CONF" state OR Module LEDs blinking (RUN, ERR, I/O, DL) OR "system stop" state (%SW124=EC00) during the upgrade of the EHC.
• Webpage fails: After a long period of time with the popup message : "communication timeout occurred, please check the connection"
• During CNM Network discovery (Auto Topology using SNMP features): The controller seems not being connected to the correct port
• In M580 controller web page: The module name is followed by "Pr"
• Controller goes in "system stop" state: When an unexpected CIP frame targets the controller (this issue only occurs on BMEP58x020 controller versions)
• When connected indirectly to the controller (e.g. through a NOC): The communication to the controller fails while performing heavy actions (like storing actual values in init values)
• The Control bits of the DIO scanner stops working after a while
• Controller may go in "system stop" state: After an On Line Modification with High communication traffic
• Cyber-security: Impossible to disable the ports 2 and 3 of the controller whereas the option is checked in Unity Pro (only concerns BMEP58x020 controller versions)
• Improves Ethernet backplane communication management for large configurations.

M580 V01.04

Firmware Version 01.04 Improvements

• Launch version