BackPrint versionPrint versionSend recommendationSend recommendation

Codesys

Roland Wagner,

Virtualized Control Technology in Practice

Software determines functionality in televisions, vehicles, smartphones, and increasingly in industrial automation and industrial control systems. This development has led to the emergence of virtual PLCs (vPLCs). The following article describes how such control systems are implemented in practice and which application scenarios are technically feasible.

Codesys: Virtualized Control Technology in PracticeImages
© Codesys

Today, virtual computers and software-defined disk drives are commonly used in data centers. Virtualization enables independent configurations for different applications and increases the data security of systems by imposing sensible access control mechanisms. Similar principles apply to industrial control systems, where software also defines system functionality. In this context, virtualization is a must.

Physical hardware is still required to run virtual controllers (vPLCs), but the underlying infrastructure is abstracted. The control project is processed via a runtime environment, i.e., software that is independent of the specific hardware platform. Suitable target systems include industrial PCs, edge computing platforms, and server systems such as hyper-converged infrastructures (HCI). The abstracted hardware resources are accessed by software containers. If you create a container using a prepared image with an integrated vPLC, the virtual controller is immediately on board. Essentially, all that remains to be done is to configure parameters such as Ethernet ports for the fieldbus communication. Deployment can be done in different ways: IT administrators use Linux commands, scripts, or tools such as Kubernetes, while automation engineers use PLC tools such as the Codesys Development System.

Advertisement

Provided that sufficient computing resources are available, multiple vPLC instances can be operated in parallel on the same hardware platform, each handling a separate control task. This approach is comparable to service-based architectures commonly used in IT systems. Physical inputs and outputs are connected via preconfigured Ethernet ports with fieldbus protocols such as EtherCAT or Profinet. Physical ports can even be virtualized in suitable switches via vLAN. The controllers inherit their real-time behavior from the Linux operating system, including the RT-Preempt real-time kernel.

Advantages of vPLCs

Operating multiple independent PLC instances on the same hardware can reduce the number of physical control devices required. This can lead to lower hardware procurement effort, reduced wiring, and simplified maintenance. Fewer PLCs and power supplies may also reduce space requirements in control cabinets.

vPLCs are much easier to administer and update with new applications. An important aspect in times of the Cyber Resilience Act: Dividing the PLC application across vPLCs - as in microservices - strengthens IT security. This allows the entire system to continue running even if one vPLC has been compromised. It can be replaced with a new vPLC without any hardware costs. And, of course, updates can be installed much more easily on centrally managed vPLCs than on their physical counterparts somewhere in the control cabinet. This makes systems more resilient to cyberattacks.

Virtualization of safety PLCs

European regulations and national laws require machinery and systems with potential hazards to be designed and operated in a manner that ensures the protection of personnel throughout their entire lifecycle. Standards such as IEC 61508 define fundamental principles for the use of electronic controls in machines and systems. Depending on the risk situation, manufacturers of potentially hazardous systems must have their products approved on the basis of safety requirement levels (Safety Integrity Level from SIL1 to SIL4) – including all components used and safe control applications.

Figure 1: Processing of the safety application in two separate software channels with transformed code.
Figure 1: Processing of the safety application in two separate software channels with transformed code. © Codesys

Depending on the assessed risk, safety-related control systems must comply with defined Safety Integrity Levels (SIL1 to SIL4). For stationary machinery with SIL3 require two independent processing channels for the control application. Until now, certified, dual-channel hardware systems had to be used for this purpose. But now this can also be done using software! The „coded processing“ method, which has been known for more than 30 years, divides the safe PLC application into two independent channels using a special data transformation known as „diversified encoding“ (Figure 1). Data comparisons, control-flow monitoring, secure input handling, and validation of network and fieldbus communication enable detection of potential errors. This concept achieves the same level of safety as dual-channel hardware. As a result, safety-related control functions can also be implemented on virtualized platforms, referred to as virtual safety PLCs (vSafePLCs).

While the first products with code processing in the early 2000s were still too slow for industrial applications, today‘s products are ideal for this purpose thanks to significantly more powerful processors and fundamentally optimized software algorithms. Such a system is slower than one without transformation, but only by a factor of 5 to 15. At the same time, the elimination of synchronization points as well as CPU and memory tests significantly reduces the load on the processor, in contrast to discrete safety controllers. The process is hardware-independent, it is possible to switch to a more powerful computer architecture at any time if necessary, which is not possible with physical safety controllers.

Use of vPLCs and vSafePLC

Using both functional and safe controllers virtualized in containers has a double effect. A vPLC such as ‘Codesys Virtual Control SL’ already offers new flexibility – simply through the freedom it provides in terms of the underlying hardware and independent instantiation on it. ‘Codesys Virtual Safe Control SL’ extends this approach to safety-related applications.

The safety functionality is implemented using coded processing based on the patented ‘SIListra Safety Transformer’. vSafePLC instances can be deployed alongside vPLCs on the same hardware platform. I/Os are accessed via Ethernet protocols in real time. For safety-critical applications, Profisafe (F-Host / F-Client) and FSoE (Fail Safe over EtherCAT) secure protocols are available, which are configured directly within the Codesys Development System (Figure 2).

Figure 2: Screenshot of the Codesys Development System with SIL3 application (right) on a virtual safety controller (left in the tree).
Figure 2: Screenshot of the Codesys Development System with SIL3 application (right) on a virtual safety controller (left in the tree). © Codesys

Virtual controllers can be configured and managed (“orchestrated”) on the target system using IT tools - or simply with the “Deploy Control SL” add-on within the Codesys Development System. Prepared container images are used for deployment, with separate images available for functional and safety-related controllers. The system handles the separation into independent processing channels and monitors execution of the safety application (Figure 3). Functional and safety applications are typically developed within a single Codesys project. Data exchange between functional and safety-related components is supported within the defined safety architecture. The safety application is developed using a certified IEC 61131-3 editor, and a TÜV Süd–approved procedure monitors the download of the generated code to the virtual safety controller. Administration of functional and safety controllers follows largely uniform workflows.

Figure 3: Screenshot of the deployment tool for setting up virtual functional and safe controllers in the Codesys Development System.
Figure 3: Screenshot of the deployment tool for setting up virtual functional and safe controllers in the Codesys Development System. © Codesys

With regard to safety approval under the Machinery Directive, the certification process for vSafePLCs is identical to that of physical safety PLCs. The main difference is that certified safety hardware is no longer required. TÜV Süd certified the basic software of Codesys Virtual Safe Control SL for SIL3 applications for x86-based architectures back in January 2025 – explicitly independent of the executing hardware (Figure 4). An extension to ARM-based systems is planned for mid-2026. Codesys Virtual Safe Control SL thus offers manufacturers and, above all, operators of machines and systems additional freedom – now even for safety-critical applications. Codesys Virtual Control and Codesys Virtual Safe Control are already being used successfully in automotive production lines.

vPLCs for motion, CNC, and robotics applications

Figure 4: TÜV Süd certificate confirming the suitability of CODESYS Safe Control Core for applications according to IEC 61508 SIL3, the basic software for CODESYS Virtual Safe Control SL. Product development was funded by the German Federal Ministry for Economic Affairs and Climate Protection as part of the SDM4FZI research project.
Figure 4: TÜV Süd certificate confirming the suitability of CODESYS Safe Control Core for applications according to IEC 61508 SIL3, the basic software for CODESYS Virtual Safe Control SL. Product development was funded by the German Federal Ministry for Economic Affairs and Climate Protection as part of the SDM4FZI research project. © Codesys

Virtual controllers can also be used in time-critical motion control applications with coordinated movements. Motion applications developed with tools such as Codesys are executed using servo drives connected via fieldbus systems, typically Ethercat. If vPLCs are used as PLCs, motion controllers can also be virtualized and processed within a software program. Even longer distances between the target hardware and the drives, for example in robotic or portal systems, can be bridged via Ethernet, fiber-optic cables (FOC) and appropriate converters. An integrated circuit (ASIC) developed by Missing Link Electronics is designed to bundle multiple protocols and transmit them without loss, is nearing series production. A patented process tunnels the data in such a way that all properties and information of the original system are retained. This means that functionally safe protocols such as FSoE (Fail Safe over Ethercat) or Profisafe can also be used. Important for users of motion and PLC systems such as Codesys: Unlike other fiber optic systems, this type of data tunneling does not change operation and configuration. The circuit behaves like a standard Ethernet card in the system.

Conclusion

The author: Roland Wagner is Head of Product Marketing at Codesys.
The author: Roland Wagner is Head of Product Marketing at Codesys. © Codesy

Virtual controllers provide a technical approach for decoupling control applications from specific hardware platforms. They can be applied to a range of use cases, including standard automation tasks, safety-related applications, and complex motion control systems. Engineering workflows and tools remain largely unchanged, as platforms such as Codesys provide integrated development and deployment environments. The suitability of virtual control concepts depends on application-specific requirements and should be evaluated accordingly by machine manufacturers and system operators. ag

  • Xing Icon
  • LinkedIn Icon
Advertisement
Advertisement

You might also be interested in

Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Subscribe to our newsletter
BackPrint versionPrint versionSend recommendationSend recommendation
Advertisement
Back to home