This release includes security enhancements as a part of our ongoing efforts to improve security. For information regarding Rockwell Automation's vulnerability disclosure process, please reference the Rockwell Automation Vulnerability Policy.
CORRECTED Anomaly with
Known Anomaly First Identified in
Denial-of-Service Vulnerability That Affects Logix 5000™ Controllers (1042476,1042479)
Controllers
|
First Known in Firmware
Revision
|
Corrected in Firmware
Revision
|
CompactLogix™ 5370
|
20.011
|
33.016, 34.011 and later
|
Compact GuardLogix®
5370
|
28.011
|
33.016, 34.011 and later
|
ControlLogix® 5570
|
20.011
|
33.016, 34.011 and later
|
ControlLogix 5570
redundant
|
20.054
|
33.053, 34.051 and later
|
GuardLogix 5570
|
20.011
|
33.016, 34.011 and later
|
CompactLogix 5380
|
28.011
|
32.016, 33.011 and later
|
Compact GuardLogix 5380
SIL 2
|
31.011
|
32.016, 33.011 and later
|
Compact GuardLogix 5380
SIL 3
|
32.013
|
32.016, 33.011 and later
|
CompactLogix 5480
|
32.011
|
32.016, 33.011 and later
|
ControlLogix 5580
|
28.011
|
32.016, 33.011 and later
|
GuardLogix 5580
|
31.011
|
32.016, 33.011 and later
|
For a full list of the potentially affected Rockwell Automation products and a description of the vulnerability, see Knowledgebase Product Notice Logix Controllers Vulnerable to Denial-of-Service Attack.
VxWorks vulnerabilities that affect Logix 5000™ controllers (00225602, 00225603, 00225605, 00225606, 00225607, 880628, 1000204)
CORRECTED Anomaly firmware revisions 28.015, 32.013, and 33.011 for these catalog numbers:
CORRECTED Anomaly in firmware revisions 32.013 and 33.011 for these catalog numbers:
CORRECTED Anomaly in Firmware Revision 31.013, 32.013, and 33.011 for these catalog numbers:
CORRECTED Anomaly as of Firmware Revision 30.015, 31.013, 32.013, and 33.011 for these Catalog Numbers:
Known Anomaly First Identified in firmware revision 20.011 for these catalog numbers:
Known Anomaly First Identified in firmware revision 28.011 for these catalog numbers:
Known Anomaly First Identified in firmware revision 31.011 for these catalog numbers:
Known Anomaly First Identified in firmware revision 32.011 for these catalog numbers:
For a full list of the potentially affected Rockwell Automation products and a description of the vulnerabilities, see Knowledgebase Technote VxWorks Vulnerabilities affect Programmable Automation Controllers, EtherNet/IP™ Communication Modules, I/O Modules, Kinetix 6500 Servo Drive, High-Frequency RFID Interface Block.
CVE-2022-3157: Denial-of-Service Vulnerability That Affects Logix 5000™ Controllers (1256258, 1289747)
Controllers
|
First Known in
Firmware
Revision
|
Corrected in Firmware
Revision
|
CompactLogix™ 5370
|
20.011
|
33.013, 34.011 and later
|
Compact GuardLogix® 5370
|
28.011
|
33.013, 34.011 and later
|
ControlLogix® 5570
|
20.011
|
33.013, 34.011 and later
|
GuardLogix 5570
|
20.011
|
33.013, 34.011 and later
|
ControlLogix 5570 redundant
|
20.054
|
33.052, 34.051 and later
|
For a full list of the potentially affected Rockwell Automation products and a description of the vulnerability, see Knowledgebase Product Notice Controllers Vulnerable to a Denial-of-Service Vulnerability.
CVE-2020-6998: Denial-of-Service Vulnerability That Affects Logix 5000™ Controllers (00228528)
Controllers
|
First Known in
Firmware Revision
|
Corrected in
Firmware Revision
|
CompactLogix™ 5370
|
20.011
|
33.011 and later
|
Compact GuardLogix® 5370
|
28.011
|
33.011 and later
|
ControlLogix® 5570
|
20.011
|
33.011 and later
|
GuardLogix 5570
|
20.011
|
33.011 and later
|
ControlLogix 5570 redundant
|
20.054
|
33.051 and later
|
For a full list of the potentially affected Rockwell Automation products and a description of the vulnerability, see Knowledgebase Product Notice CompactLogix 5370 and ControlLogix 5570 Controllers Vulnerable to Denial of Service Conditions due to Improper Input Validation.
This release corrects the following anomalies.
Drive Instability With Frequent Wall Clock Time Update Requests (00174495, 00174563)
Corrected Anomaly in Firmware Revision 30.011
Known Anomaly First Identified as of Firmware Revision 28.011
Catalog Numbers:
Frequent requests to update the controller Wall Clock Time in applications that use Integrated Motion over an EtherNet/IP network can cause drive instability.
The following are examples of wall clock time update requests:
The following are examples of drive behavior when the anomaly occurs:
Attribute Value Incorrect with Get System Value Instruction (00169204)
Corrected Anomaly as of Firmware Revision 30.011
Known Anomaly First Identified as of Firmware Revision 27.011
Catalog Numbers:
When used with a Get System Value (GSV) instruction, the PortPhysicalAddressInfo attribute value can be incorrect.
The PortPhysicalAddressInfo attribute is available when you use the TimeSynchronize Class.
Value That Is Outside the Supported WallClockTime Range (00182341, 00182342, 00190288, Lgx00169520)
Corrected Anomaly in:
Known Anomaly First Identified in:
When reading or viewing the WCT (WallClockTime) of the controller, the year can show a value of 586XXX (where the XXX is any values). This means that the wallclock value is outside the valid range for EPoch time.
The range of the WCT has been tightened in the controller to 1/1/1970 00:00:00.000...12/31/2069 23:59:59.999. If the controller tries to handle a value outside the defined range, the controller does not apply the new value. It now logs a minor fault, Type 13 Code 21. The fault displays an unknown fault in the RSLogix 5000® software.
When the fault is logged, the WCT of the controller is set to 1/1/19XX 00:00:00.000, where XX is 81...86. The year corresponds to the Info[0] value for the minor fault.
ALMA Instruction in a FBD Intermittently Clears the EnableOut Bit (00183574)
Corrected Anomaly in Firmware Revision 30.011
Known Anomaly First Identified as of Firmware Revision 28.011
Catalog Numbers:
When an ALMA instruction experiences an arithmetic overflow fault in a Function Block Diagram, the instruction intermittently clears the EnableOut bit.
Partial Import Online (PIO) Edits on GuardLogix Controllers Causes Logix Designer to go Offline (00190483)
Corrected Anomaly in Firmware Revision 30.011
Known Anomaly First Identified in Firmware Revision V28.011
Catalog Numbers:
If you perform PIO edits on a GuardLogix controller, the Studio 5000 Logix Designer® Application can go offline.
Using Firmware Supervisor to Update a 193-ECM-ETR E300 Can Cause the Controller to MNRF (00171456)
Corrected Anomaly in Firmware Revision 30.011
Known Anomaly First Identified in Firmware Revision 20.011
Catalog Numbers:
The controller can experience a major non-recoverable fault on powerup when these conditions are met:
This release has the following known anomalies.
Applications with PowerFlex drives in the I/O configuration can experience a major non-recoverable fault (MNRF) (00200734, 00200735, 00200600, 00200599)
Corrected Anomaly as of Firmware Revision 31.011 and 30.014 for these catalog numbers:
Corrected Anomaly as of Firmware Revision 31.011 and 30.013 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 28.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 20.011 for these catalog numbers:
If a controller already has an application loaded into it that contains PowerFlex drives in the I/O configuration, a MNRF (Major Non-Recoverable Fault) can occur when any of the following occurs:
For more information and workarounds, see Knowledgebase document 1067997.
Controller Log Automatic Write set via message instruction results in an error (00222768)
CORRECTED Anomaly with Firmware Revision 33.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 30.011 for these catalog numbers:
When using application code (message instruction) to set the Controller Log feature to automatically write to the removable media when the log is 80% full, the message instruction will error with “undefined or unsupported attribute”. The configuration change will not take effect.
These anomalies are from previous releases but are still known in this release.
PI Function Block (Lgx00070832)
Known Anomaly First Identified as of:
For more information regarding the PI instruction, see the Logix5000™ Controllers Advanced Process Control and Drives Instructions User Manual, publication 1756-RM006.
Accept Edits (Lgx00122528, Lgx00122622)
Known Anomaly First Identified as of Firmware Revision 20.011
Catalog Numbers:
When you accept edits in LD, ST, and FBD, the controller will log an 'Online Edit' entry in the controller log. Accepting edits in a SFC routine is done by performing a partial import, resulting in a 'Transaction Commit' entry in the controller log. This is confusing because you can select to mask both entries separately. Selecting only Online edits would cause the Audit Value to change only when FBD, ST, and LD edits are made. SFC online edits would change the Audit Value only if the 'Partial Import Online Transaction Completed' bit was set.
Arithmetic State Flags (Lgx00122480)
Known Anomaly First Identified as of Firmware Revision 20.011
Catalog Numbers:
Logix CPU Security Tool
Known Anomaly First Identified as of Firmware Revision 20.011
RSLogix 5000™ Version 20.00
Studio 5000 Logix Designer™ First Identified as of Version 21.00
Catalog numbers:
Browse via RSLinx Classic over the USB Port (Lgx00128816, Lgx00128101)
Known Anomaly First Identified As Of Firmware Revision 20.012
Catalog Numbers
- 5370 CompactLogix L2
- 5370 CompactLogix L3
Communication with 1769 I/O Modules
Anomaly
Logix Firmware/RSLogix 5000 Software 20.011
Catalog Numbers 1769-L24ER-QB1B, 1769-24ER-QBFC1B, 1769-L27ERM-QBFC1B, 1769-L30ER, 1769-L30ERM, 1769-L30ER-NSE, 1769-L33ER, 1769-L33ERM, 1769-L36ERM
Connection via USB Cable (Lgx00122143)
Known Anomaly First Identified As Of Firmware Revision 20.011
Catalog Numbers:
- 5370 CompactLogix L1
- 5370 CompactLogix L2
- 5370 CompactLogix L3
Compact I/O Affects Controller Power-up Sequence (Lgx00127867, Lgx00127768)
Anomaly Identified As Of Revision 20.011
Catalog Numbers:
- 5370 CompactLogix L2
- 5370 CompactLogix L3
Cat. No. |
Series |
Firmware Revision |
1769-ARM |
A |
3.1 |
1769-ASCII |
A |
2.001 |
1769-BOOLEAN |
A |
1.2 |
1769-HSC |
A |
1.1 |
1769-IA16 |
A |
3.1 |
1769-IA8I |
A |
3.1 |
1769-IF16C |
A |
1.2 |
1769-IF16V |
A |
1.2 |
1769-IF4 |
B |
2.1 |
1769-IF4XOF2F |
A |
1.2 |
1769-IF4I |
A |
1.2 |
1769-IF4XOF2 |
A |
1.1 |
1769-IF8 |
A |
1.1 |
1769-IG16 |
A |
3.1 |
1769-IM2 |
A |
3.1 |
1769-IQ16 |
A |
3.1 |
1769-IQ16F |
A |
3.1 |
1769-IQ32 |
A |
3.1 |
1769-IQ6XOW4 |
B |
3.1 |
1769-IR16 |
A |
3.1 |
1769-IT6 |
A |
2.2 |
1769-OA16 |
A |
3.1 |
1769-OA8 |
B |
3.1 |
1769-OB16 |
B |
3.1 |
1769-OB16P |
B |
3.1 |
1769-OB32 |
A |
3.1 |
1769-OB32T |
A |
3.1 |
1769-OB8 |
A |
3.1 |
1769-OF2 |
B |
2.1 |
1769-OF4 |
A |
1.1 |
1769-OF4CI |
A |
2.1 |
1769-OF4VI |
A |
2.1 |
1769-OF8C |
A |
2.1 |
1769-OF8V |
A |
2.1 |
1769-OG16 |
A |
3.1 |
1769-OV16 |
B |
3.1 |
1769-OV32T |
A |
3.1 |
1769-OW16 |
A |
3.1 |
1769-OW8 |
B |
3.1 |
1769-OW8I |
B |
3.1 |
1769-SDN |
B |
2.2 |
Disable Download Project Documentation and Extended Properties Features (Lgx00135928)
Known Anomaly First Identified As Of Firmware Revision 21.011
Studio 5000 Logix Designer First Identified As Of Version 21.00
Expiration Times On a Logix Repository Record Can Differ (00171229)
Known Anomaly First Identified as of Firmware Revision 27.011
Catalog Numbers:
When the Logix Repository deletes a record, the cached value of the earliest expiration time and the actual expiration time value of the record can be different.
Unconnected Timeout Time Incorrect (00171872)
Known Anomaly First Identified as of Firmware Revision 27.011
Catalog Numbers:
The unconnected timeout time can be longer for a Forward Open service than expected.
RPI for Local Expansion Modules (Lgx00136853)
Anomaly Identified As Of Revision 21.011
MAR and MAW Instructions Do Not Execute Properly After Controller Power Is Cycled (1120359, 1161982)
Controllers
|
First Known in Firmware
Revision
|
Corrected in Firmware Revision
|
CompactLogix™ 5370
|
20.011
|
34.011
|
Compact GuardLogix® 5370
|
28.011
|
34.011
|
ControlLogix® 5570
|
20.011
|
34.011
|
GuardLogix 5570
|
28.011
|
34.011
|
CompactLogix 5380
|
28.011
|
34.011
|
Compact GuardLogix 5380 SIL 2
|
31.011
|
34.011
|
Compact GuardLogix 5380 SIL 3
|
32.013
|
34.011
|
CompactLogix 5380 Process
|
33.011
|
34.011
|
CompactLogix 5480
|
32.011
|
34.011
|
ControlLogix 5580
|
28.011
|
34.011
|
GuardLogix 5580
|
31.011
|
34.011
|
ControlLogix 5580 Process
|
33.011
|
34.011
|
If a controller is powered down while a Motion Arm Registration (MAR) and/or a Motion Arm Watch (MAW) instruction is active, the state of the instruction will not be accurate on controller power up.
For more information, see the Knowledgebase Technote MAR or MAW Instruction Not Executing Properly After a Power cycle.
I/O Activity Affects Periodic Sampling for Data Logs (Lgx00129461)
Known Anomaly First Identified as of Firmware Revision 24.011
Catalog Numbers:
I/O activity can affect the repeatability of the periodic sampling for data logs. The result of this anomaly occurring is missed periods of data samples. That is, the time between two data samples is twice as long as expected.
The following are I/O activities:
Alarm Log Content Lost at Powerup (Lgx00138163)
Known Anomaly First Identified as of Firmware Revision 24.011
Catalog Numbers:
Alarm Log content can be lost if there is a Secure Digital (SD) card in the controller that contains a project that is configured to load the project on powerup.
Controller Appears to Be Stuck in the Transition to Run Mode (Lgx00154875)
Known Anomaly First Identified as of Firmware Revision 24.011 for:
Corrected Anomaly as of Firmware Revision 1.013 for 1732E-OB8M8SR
Known Anomaly First Identified as of Firmware Revision 1.012 for 1732E-OB8M8SR
If your project uses a 1732E-OB8M8SR module, upgrade the module firmware to firmware revision 1.013 or later.
PhaseManager™ and SequenceManager™ Show Different States of Phase in Program Mode (00183769)
Known Anomaly First Identified as of Firmware Revision 28.011
Catalog Numbers:
If the controller is switched to Program mode while a sequence and phase are running, the phase state changes to idle and displays idle, while the sequence continues to show running. On transition back to Run mode, the sequence displays inactive.
Attribute Values Incorrect with Set System Value Instruction (00169713)
Known Anomaly First Identified as of Firmware Revision 27.011
Catalog Numbers:
When you use a Set System Variable (SSV) instruction to set the values for attributes available with the WallClockTime class, the values can be set incorrectly.
Wall Clock Value Different From Previous Value (00169756)
Known Anomaly First Identified as of Firmware Revision 27.011
Catalog Numbers:
After you set the wall clock for a controller, the actual time can be offset from the value that you set by approximately 2 seconds.
This anomaly occurs after Precision Time Protocol (PTP) is disabled in a controller that was previously synchronized with the grandmaster clock.
Media Space Calculation Incorrect with 3rd-party Secure Digital Cards (00175295)
Known Anomaly First Identified as of Firmware Revision 28.011
Catalog Numbers:
The media space calculation that is done to determine the available memory on a Secure Digital (SD) card can be incorrect with 3rd-party SD cards that are 4 GB or greater.
This anomaly does not occur when you use SD cards available from Rockwell Automation. That is, the 1784-SD1 and 1784-SD2 cards.
We recommend that you use the SD cards available from Rockwell Automation with your controller.
While other SD cards can be used with the controller, Rockwell Automation has not tested the use of those cards with the controller. If you use an SD card other than those cards that are available from Rockwell Automation, you can experience data corruption or loss.
DeleteAllSockets MSG Can Cause a Major Non-recoverable Fault (00156732)
Corrected Anomaly as of Firmware Revision 31.011
Known Anomaly First Identified as of Firmware Revision 20.011
for these catalog numbers:
·
CompactLogix™ 5370 Controllers
Known Anomaly First Identified as of Firmware Revision 28.011
for these catalog numbers:
·
ControlLogix® 5580 Controllers
·
CompactLogix 5380 Controllers
·
Compact GuardLogix® 5370 Controllers
If the application deletes an individual socket and follows that with a DeleteAllSockets request, a major non-recoverable fault (MNRF) can occur.
To help prevent a MNRF, only use the DeleteAllSockets service as the first operation on the first scan of the program. Use the DeleteSocket service to delete individual sockets.
Data Integrity Anomalies with I/O modules that have large I/O Size (00188017)
Corrected Anomaly as of Firmware Revision 31.011
Known Anomaly First Identified in Firmware Revision 20.011
Catalog Numbers:
If you are using modules that have large IO sizes (for example, the 1769-SDN, 1769-SM1, 1769-SM2, ProSoft Modules), the controller will need to send the I/O data to these modules fragmented. This could result in the module using a mixture of old and new data.
A Program’s First Scan May Not Occur if the Program is Uninhibited (00190610, 00190512)
Corrected Anomaly in Firmware Revision 31.011
Known Anomaly First Identified in Firmware Revision 19.013
Catalog Numbers:
If a program is inhibited, and then uninhibited, then a small timing window could occur where the S:FS first scan bit is reset before the program is truly first scanned.
AxisHomedStatus Bit Gets Set To Zero When Inhibiting the Axis (00199162, 00217021)
CORRECTED Anomaly with Firmware Revision 33.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 20.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 28.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 31.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 32.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 32.013 for these catalog numbers:
If the AxisHomedStatus bit is already established on a CIP™ drive, issuing an SSV to inhibit the axis resets the AxisHomedStatus bit to zero.
SRT (Sort) instruction with a large length can cause the controller to MNRF (00227157)
CORRECTED Anomaly with Firmware Revision 33.011 for these catalog numbers:
CORRECTED Anomaly with Firmware Revision 33.051 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 20.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 20.054 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 28.011 for these catalog numbers:
When the SRT (Sort) instruction is executed, it can result in a controller major non-recoverable fault (MNRF). This can occur when the SRT is performed in an array with a large length, typically over 120 elements.
Dual Feedback Position Error Jumps (00232347, 00232504)
Controllers
|
First Known in Firmware
Revision
|
Corrected in Firmware
Revision
|
CompactLogix™ 5370
|
20.011
|
34.011
|
Compact GuardLogix® 5370
|
28.011
|
34.011
|
ControlLogix® 5570
|
20.011
|
34.011
|
GuardLogix 5570
|
20.011
|
34.011
|
CompactLogix 5380
|
28.011
|
33.011
|
Compact GuardLogix 5380 SIL 2
|
31.011
|
33.011
|
Compact GuardLogix 5380 SIL 3
|
32.013
|
33.011
|
CompactLogix 5480
|
32.011
|
33.011
|
ControlLogix 5580
|
28.011
|
33.011
|
GuardLogix 5580
|
31.011
|
33.011
|
When the following configuration or conditions are met:
Anytime the axis moves past one meter, the position command jumps by 1000 or 39.37 depending on the configured motion units.
Firmware Supervisor fails with “(Code 16#fe11) Automated Firmware Update Failed: Firmware file invalid.” (00206938)
Controller Anomaly with Continuous Task, Indirect Addressing, and CONCAT or DTOS (1442602)
Controllers
|
First Known in
Firmware Revision
|
Corrected in Firmware
Revision
|
CompactLogix™ 5370
|
29.011
|
—
|
Compact GuardLogix® 5370
|
29.011
|
—
|
ControlLogix® 5570
|
29.011
|
—
|
GuardLogix 5570
|
29.011
|
—
|
ControlLogix 5570 redundant
|
30.051
|
—
|
Controller applications with a continuous task with CONCAT or DTOS instructions where indirect addressing exists may result in a controller major nonrecoverable fault/assert when additional task(s) exist. See Knowledgebase Technote 5570/5370 Controller Anomaly with Continuous Task, Indirect Addressing and CONCAT or DTOS.
Some Faults Are Not Logged in The Controller Log (1061142, 1594647)
Controllers
|
First Known in Firmware
Revision
|
Corrected in Firmware
Revision
|
CompactLogix™ 5370
|
20.011
|
33.016, 34.011 and later
|
Compact GuardLogix® 5370
|
28.011
|
33.016, 34.011 and later
|
ControlLogix® 5570
|
20.011
|
33.016, 34.011 and later
|
ControlLogix 5570 redundant
|
20.054
|
33.053, 34.051 and later
|
GuardLogix 5570
|
20.011
|
33.016, 34.011 and later
|
The Controller Log feature does not properly log User Task Watchdog faults (Type 6 Code 1) in the Controller Log. For more information about the Controller Log feature, see the Logix 5000® Controllers Information and Status Programming Manual, publication 1756-PM015.
PCMD Returns Incorrect Error Code (1056295)
Controllers
|
First Known in Firmware
Revision
|
Corrected in Firmware
Revision
|
CompactLogix™ 5370
|
20.011
|
34.011
|
Compact GuardLogix® 5370
|
28.011
|
34.011
|
ControlLogix® 5570
|
20.011
|
34.011
|
ControlLogix 5570 redundant
|
20.054
|
34.051
|
GuardLogix 5570
|
28.011
|
34.011
|
CompactLogix 5380
|
28.011
|
34.011
|
Compact GuardLogix 5380 SIL 2
|
31.011
|
34.011
|
Compact GuardLogix 5380 SIL 3
|
32.013
|
34.011
|
CompactLogix 5380 Process
|
33.011
|
34.011
|
CompactLogix 5480
|
32.011
|
34.011
|
ControlLogix 5580
|
28.011
|
34.011
|
GuardLogix 5580
|
31.011
|
34.011
|
ControlLogix 5580 Process
|
33.011
|
34.011
|
Equipment Phase Command (PCMD) returns the incorrect error code “0x6003, HIGH_PRIORITY_OWNED” when it should return “0x6004, NOT_ATTACHED”
Controller Can Assert During The I/O Module Configuration Process (1024030, 00219969)
Controllers
|
First Known in Firmware
Revision
|
Corrected in Firmware
Revision
|
CompactLogix™ 5370
|
20.011
|
34.011
|
Compact GuardLogix® 5370
|
28.011
|
34.011
|
ControlLogix® 5570
|
20.011
|
34.011
|
ControlLogix 5570 redundant
|
20.054
|
34.051
|
GuardLogix 5570
|
28.011
|
34.011
|
CompactLogix 5380
|
28.011
|
33.011
|
Compact GuardLogix 5380 SIL 2
|
31.011
|
33.011
|
Compact GuardLogix 5380 SIL 3
|
32.013
|
33.011
|
CompactLogix 5480
|
32.011
|
33.011
|
ControlLogix 5580
|
28.011
|
33.011
|
GuardLogix 5580
|
31.011
|
33.011
|
Certain I/O modules send more configuration data than fits in a standard forward open (508 bytes) when the connection is being established. Therefore, the configuration process can take longer to complete. Examples include E300™ Electronic Overload Relays, 1444 Dynamics, 1718 I/O, 1719 I/O, and many third-party I/O devices.
When the configuration data is being sent to the device, if you change the configuration through the Add-on Profile for the device and then apply the changes the controller can assert.
CIP™ Axis Velocity Loop Causes Controller To MNRF/Assert (1008498, 1006943)
Controllers
|
First Known in Firmware
Revision
|
Corrected in Firmware
Revision
|
CompactLogix™ 5370
|
20.011
|
34.011
|
Compact GuardLogix® 5370
|
28.011
|
34.011
|
ControlLogix® 5570
|
20.011
|
34.011
|
GuardLogix 5570
|
28.011
|
34.011
|
CompactLogix 5380
|
28.011
|
34.011
|
Compact GuardLogix 5380 SIL 2
|
31.011
|
34.011
|
Compact GuardLogix 5380 SIL 3
|
32.011
|
34.011
|
CompactLogix 5380 Process
|
33.011
|
34.011
|
CompactLogix 5480
|
32.011
|
34.011
|
ControlLogix 5580
|
28.011
|
34.011
|
GuardLogix 5580
|
31.011
|
34.011
|
ControlLogix 5580 Process
|
33.011
|
34.011
|
Setting the Axis Direct Command Velocity Tag to “Not a Number” (NaN) causes the controller to experience a major nonrecoverable fault/assert.
Grandmaster Clock Description Not Correctly Being Displayed (939979)
Controllers
|
First Known in Firmware
Revision
|
Corrected in Firmware
Revision
|
CompactLogix™ 5370
|
20.011
|
34.011
|
Compact GuardLogix® 5370
|
28.011
|
34.011
|
ControlLogix® 5570
|
20.011
|
34.011
|
ControlLogix 5570 redundant
|
20.054
|
34.051
|
GuardLogix 5570
|
20.011
|
34.011
|
Located in controller properties → Date Time → Advanced → Grandmaster Clock description could be shown as a blank description or could be showing old information. This does not impact time synchronization.
Message T0 (Timeout) Bit Does Not Function as Designed (1068449)
Controllers
|
First Known in Firmware
Revision
|
Corrected in Firmware
Revision
|
CompactLogix™ 5370
|
20.011
|
34.011
|
Compact GuardLogix® 5370
|
28.011
|
34.011
|
When setting the message TO (TimeOut) bit in the message instruction backing tag the message instruction does not timeout immediately as expected. It will time out as set by the unconnected timeout setting in the message instruction backing tag, which the default is 30 seconds.
SequenceManager Event Client 2.0 Can Experience Slow Performance When Using the Start Up Recovery Option (1769621)
Controllers
|
First Known in Firmware
Revision
|
Corrected in
Firmware Revision
|
CompactLogix™ 5370
|
28.011
|
36.011 and later
|
Compact GuardLogix® 5370
|
28.011
|
36.011 and later
|
ControlLogix® 5570
|
28.011
|
36.011 and later
|
GuardLogix 5570
|
28.011
|
36.011 and later
|
After downloading a new project, the SequenceManager™ Event Client that started with the Start Up Recovery option should stop attempting to recover events immediately. However, the Event Client can continue to attempt recovery until the maximum number of events has been reached.
Workaround: Start the SequenceManager Event Client with the Start Up Recovery option disabled.
SequenceManager Event Client 2.0 Cannot Reliably Recover Events on Startup of The Service (1766682)
Controllers
|
First Known in Firmware
Revision
|
Corrected in
Firmware Revision
|
CompactLogix™ 5370
|
28.011
|
36.011 and later
|
Compact GuardLogix® 5370
|
28.011
|
36.011 and later
|
ControlLogix® 5570
|
28.011
|
36.011 and later
|
GuardLogix 5570
|
28.011
|
36.011 and later
|
Starting the SequenceManager™ Event Client 2.0 service with the Start Up Recovery option enabled can result in missing data.
Velocity Scaling Not Performed Before SLAT Setpoint Sent to Drive (00218527, 00200340)
CORRECTED Anomaly with Firmware Revision 33.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 20.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 28.011 for these catalog numbers:
The controller does not perform velocity scaling before it sends the Speed Limited Adjustable Torque (SLAT) setpoint to a drive.
Firmware Supervisor Does Not Update Kinetix 5700 2198-D032-ERS4 Drive Firmware (00218796)
CORRECTED Anomaly with Firmware Revision 33.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 20.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 28.011 for these catalog numbers:
If Firmware Supervisor tries to update the firmware on a
Kinetix® 5700 2198-D032-ERS4 Drive, the Studio 5000 Logix
Designer® Application can report a module fault: “(Code 16#fe11) Automated
Firmware Update Failed: Firmware file invalid.”
Workaround: To update the firmware, use ControlFLASH™ or ControlFLASH Plus™ software.
Connected Cached Messages Do Not Time Out after Repeated Connection Requests (00206909, 217264)
CORRECTED Anomaly with Firmware Revision 33.011 for these catalog numbers:
CORRECTED Anomaly with Firmware Revision 33.051 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 20.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 20.054 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 28.011 for these catalog numbers:
The connection for connected cached messages does not time out after the max number of retries for the connected request is attempted.
MAOC Drifting Errors (00211178, 00218822)
CORRECTED Anomaly with Firmware Revision 33.011
Known Anomaly First Identified as of Firmware Revision 20.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 28.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 31.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 32.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 32.013 for these catalog numbers:
Motion Arm Output Cam (MAOC) planner’s output can diverge from master axis position over time. For more information, see Knowledgebase article MAOC Drifting Errors.
MCLM/MCCM Set to Merge All Can Cause Controller MNRF (00220553, 00219873)
CORRECTED Anomaly with Firmware Revision 30.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 20.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 28.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 31.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 32.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 32.013 for these catalog numbers:
The controller can experience a major non-recoverable fault (MNRF) due to the following:
Socket Application Code Can Cause the Controller to MNRF (00227905, 00228810)
Controllers
|
First Known in Firmware
Revision
|
Corrected in Firmware
Revision
|
CompactLogix™ 5370
|
20.011
|
33.011
|
Compact GuardLogix® 5370
|
28.011
|
33.011
|
CompactLogix 5380
|
28.011
|
33.011
|
Compact GuardLogix 5380 SIL 2
|
31.011
|
33.011
|
Compact GuardLogix 5380 SIL 3
|
32.013
|
33.011
|
CompactLogix 5480
|
32.011
|
33.011
|
ControlLogix® 5580
|
28.011
|
33.011
|
GuardLogix 5580
|
31.011
|
33.011
|
If your application code tries to access a socket that has already been deleted, the controller can experience a major nonrecoverable fault.
Using Compare Instruction with String Data Types (00223326, 00223030,0226535)
Controllers
|
First Known in
Firmware Revision
|
Corrected in Firmware
Revision
|
CompactLogix™ 5370
|
20.011
|
33.011
|
Compact GuardLogix® 5370
|
28.011
|
33.011
|
ControlLogix® 5570
|
20.011
|
33.011
|
ControlLogix 5570 redundant
|
20.054
|
33.051
|
GuardLogix 5570
|
20.011
|
33.011
|
CompactLogix 5380
|
28.011
|
33.011
|
Compact GuardLogix 5380
SIL 2
|
31.011
|
33.011
|
Compact GuardLogix 5380
SIL 3
|
32.013
|
33.011
|
CompactLogix 5480
|
32.011
|
33.011
|
ControlLogix 5580
|
28.011
|
33.011
|
GuardLogix 5580
|
31.011
|
33.011
|
If compare instructions (EQU, GEQ, GRT, LEQ, LES, NEQ) are used with string data types and the length of the string is negative, it can result in the controller experiencing these faults:
Controller Does Not Transition to Run Mode after Online Edit of PowerFlex Drive Parameters (00219408)
CORRECTED Anomaly with Firmware Revision 33.011 for these catalog numbers:
CORRECTED Anomaly with Firmware Revision 33.051 for these catalog numbers:
CORRECTED Anomaly with Firmware Revision 32.012 and 33.011 for these catalog numbers:
CORRECTED Anomaly with Firmware Revision 31.013, 32.012, and 33.011 for these catalog numbers:
CORRECTED Anomaly as of Firmware Revision 30.015, 31.013, 32.012, and 33.011 for these Catalog Numbers:
CompactLogix 5380 Controllers Known Anomaly First Identified as of Firmware Revision 20.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 20.054 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 28.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 31.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 32.011 for these catalog numbers:
If you edit a PowerFlex® drive parameter online in Program mode, the controller does not transition to run mode when you change from Program mode to run mode. This can occur when you use the 20-750-ENETR PowerFlex 755 dual-port Ethernet communication module.
UnitID member is not cleared to zero when FactoryTalk Batch is disconnected (00219832)
CORRECTED Anomaly with Firmware Revision 33.011 for these catalog numbers:
CORRECTED Anomaly with Firmware Revision 33.051 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 29.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 30.051 for these catalog numbers:
When using PhaseManager™ software with FactoryTalk® Batch, the UnitID member is
not cleared to zero when FactoryTalk Batch detaches or is disconnected from the phase.
Nested SFC with Selection Branch Execution on First Transition May Be Incorrect (00227908, 00225009, 880618, 1594431)
Controllers
|
First Known in Firmware
Revision
|
Corrected in Firmware
Revision
|
CompactLogix™ 5370
|
20.011
|
33.011 and later
|
Compact GuardLogix® 5370
|
28.011
|
33.011 and later
|
ControlLogix® 5570
|
20.011
|
33.011 and later
|
ControlLogix 5570 redundant
|
20.054
|
33.051 and later
|
GuardLogix 5570
|
20.011
|
33.011 and later
|
CompactLogix 5380
|
28.011
|
31.013, 32.016, 33.011 and later
|
Compact GuardLogix 5380
SIL 2
|
31.011
|
31.013, 32.016, 33.011 and later
|
Compact GuardLogix 5380
SIL 3
|
32.013
|
32.016, 33.011 and later
|
CompactLogix 5480
|
32.011
|
32.016, 33.011 and later
|
ControlLogix 5580
|
28.011
|
31.013, 32.016, 33.011 and later
|
GuardLogix 5580
|
31.011
|
31.013, 32.016, 33.011 and later
|
Under the following conditions, a sequential function chart (SFC) selection branch will not execute correctly.
Under these conditions, if an SFC is reset while evaluating parallel transitions, the chart may remember that one transition from before the reset was true. If another transition is true after the execution path reaches that select divergence again, the chart could still remember the transition from before the reset and choose the incorrect execution path.
After Power Cycling, The Controller SFC Routines Do Not Execute Properly (00229202, 00229027, 926153, 1594432)
Controllers
|
First Known in Firmware
Revision
|
Corrected in Firmware
Revision
|
CompactLogix™ 5370
|
20.011
|
33.011 and later
|
Compact GuardLogix® 5370
|
28.011
|
33.011 and later
|
ControlLogix® 5570
|
20.011
|
33.011 and later
|
ControlLogix 5570 redundant
|
20.054
|
33.051 and later
|
GuardLogix 5570
|
20.011
|
33.011 and later
|
CompactLogix 5380
|
28.011
|
31.013, 32.016, 33.011 and later
|
Compact GuardLogix 5380
SIL 2
|
31.011
|
31.013, 32.016, 33.011 and
later
|
Compact GuardLogix 5380
SIL 3
|
32.013
|
32.016, 33.011 and later
|
CompactLogix 5480
|
32.011
|
32.016, 33.011 and later
|
ControlLogix 5580
|
28.011
|
31.013, 32.016, 33.011 and
later
|
GuardLogix 5580
|
31.011
|
31.013, 32.016, 33.011 and
later
|
Following a power cycle, if the application program includes an SFC with a simultaneous branch, the possibility exists for one or more steps on that simultaneous branch not to execute. This anomaly does not occur on every power cycle.
See Knowledgebase Technote Unexplained Sequential Function Chart (SFC) simultaneous branch execution.
Unexpected command sent to phase when connection is lost to Logix Designer (00224198)
CORRECTED Anomaly with Firmware Revision 33.011 for these catalog numbers:
CORRECTED Anomaly with Firmware Revision 33.051 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 20.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 20.054 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 28.011 for these catalog numbers:
The anomaly occurs when Logix Designer has an override attach to the equipment phase and the connection is lost to Logix Designer. The anomaly is that the phase is sent the command specified in the ‘External Sequencer Loss of Communication Command’ property. What should happen is no command should be sent—only the override should be cleared. The configured command should only be sent when there is an External Sequencer (FTBatch) attached.
Execution of a MAS Instruction results in error 104 (00213035)
CORRECTED Anomaly with Firmware Revision 33.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 28.011 for these catalog numbers:
Under the following specific sequence of events the execution of the MAS instruction could result in error 104. The sequence of events is as follows:
Consumed axis actual position exceeds the produced axis unwind position (00225674, 00223851)
CORRECTED Anomaly with Firmware Revision 33.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 21.011 for these catalog
numbers:
Known Anomaly First Identified as of Firmware Revision 28.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 31.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 32.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 32.013 for these catalog numbers:
The consume axis can reach positions beyond the unwind value. This is something that
can occur depending on the CUP (Course Update Period) of the Motion Group and the
produced axis speed.
The consumed axis is configured for linear, but it applies the unwind value that the consumer gets from the producing axis. Depending on the execution schedule, the unwind value could be applied after the controller tag for the axis position has been updated.
Refer to Knowledgebase article Consumed axis is reaching positions beyond the unwind value.
Homing an axis introduces a spike in the Actual Velocity attribute (00225946, 00223672)
CORRECTED Anomaly with Firmware Revision 33.011 for these catalog numbers:
Known Anomaly First Identified in these controllers:
Known Anomaly First Identified as of Firmware Revision 28.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 31.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 32.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 32.013 for these catalog numbers:
While homing to the limit switch, you see a large spike on the axis’ ActualVelocity attribute. The drive position and velocity feedback do not reflect the spike noticed on the ActualVelocity attribute of the controller. They stay consistent with the expected behavior.
ConfigUpdateInProcess Bit Does Not Change State When Issuing an SSV Instruction to Change the Value of the Conversion Constant (00230152, 00228464, 880625, 1594437)
Controllers
|
First Known in Firmware
Revision
|
Corrected in Firmware
Revision
|
CompactLogix™ 5370
|
20.011
|
33.011 and later
|
Compact GuardLogix®
5370
|
28.011
|
33.011 and later
|
ControlLogix® 5570
|
20.011
|
33.011 and later
|
GuardLogix 5570
|
20.011
|
33.011 and later
|
CompactLogix 5380
|
28.011
|
31.013, 32.016, 33.011 and
later
|
Compact GuardLogix 5380
SIL 2
|
31.011
|
31.013, 32.016, 33.011 and
later
|
Compact GuardLogix 5380
SIL 3
|
32.013
|
32.016, 33.011 and later
|
CompactLogix 5480
|
32.011
|
32.016, 33.011 and later
|
ControlLogix 5580
|
28.011
|
31.013, 32.016, 33.011 and
later
|
GuardLogix 5580
|
31.011
|
31.013, 32.016, 33.011 and
later
|
The Configuration Update Status Bits attribute provides a method for monitoring the progress of one or more specific module configuration attribute updates initiated by either a Set Attribute List service or an SSV in the user program. As soon as such an update is initiated, the controller sets the ConfigurationUpdateInProcess bit. The bit remains set until the Set Attribute List reply comes back from the servo module indicating that the update process was successful. Thus, the Configuration Update Status Bits attribute provides a method of waiting until the servo configuration data update to the connected motion module is complete before starting a dependent operation.
CIP Motion Axis Feedback 1 and 2 length incorrectly converted by the controller (00218528, 00218407)
CORRECTED Anomaly with Firmware Revision 33.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 20.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 28.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 31.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 32.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 32.013 for these catalog numbers:
CIP Motion Axis attribute 1419 Feedback 1 Length and 1469 Feedback 2 Length are converted from float to integer by the controller before being sent to the drive. The conversion is unexpected and causes the value in the drive to become incorrect.
Axis Stuck In Synchronizing State When SSV And Inhibiting Axis On The Same Module (00229573, 00225308)
CORRECTED Anomaly with Firmware Revision 33.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 20.011 for these catalog numbers:
Known Anomaly First Identified as of Firmware Revision 28.011 for these catalog numbers:
When continually executing multiple SSV instructions to change drive attributes on axis A and inhibiting axis B on the same module, axis A and other axes on the same module become stuck in the synchronizing state and never go to pre-charge/stopped state. You must re-download the project to recover.
Controller can take more time than expected to re-establish connections (00212775, 00227804)
CORRECTED Anomaly with
Known Anomaly First Identified in
If repeated connection interruptions occur because of network cable disconnections, the controller can take more than 10 minutes to re-establish connections. If the controller is power cycled, connection re-establishment is almost immediate.
On powerup CompactLogix and Compact GuardLogix controller Ethernet port may not properly initialize (00223080, 00179897)
CORRECTED Anomaly with
Known Anomaly First Identified in
When the controller is powering up, if there is sufficient incoming communication to the embedded Ethernet port, the port may not initialize properly and communication to and from the controller can fail. While the controller is in this state, the IP address of the controller is reported as 0.0.0.0 and the NS (Network Status) indicator is off.
Online Editing of PowerFlex Drives (00227003, 1594434)
Controllers
|
First Known in Firmware
Revision
|
Corrected in Firmware Revision
|
CompactLogix™ 5370
|
20.011
|
33.011 and later
|
Compact GuardLogix®
5370
|
28.011
|
33.011 and later
|
ControlLogix® 5570
|
20.011
|
33.011 and later
|
ControlLogix 5570
redundant
|
20.054
|
33.051 and later
|
GuardLogix 5570
|
20.011
|
33.011 and later
|
CompactLogix 5380
|
28.011
|
30.015, 31.013, 32.016, 33.011 and
later
|
Compact GuardLogix 5380
SIL 2
|
31.011
|
31.013, 32.016, 33.011 and later
|
Compact GuardLogix 5380
SIL 3
|
32.013
|
32.016, 33.011 and later
|
CompactLogix 5480
|
32.011
|
32.016, 33.011 and later
|
ControlLogix 5580
|
28.011
|
30.015, 31.013, 32.016, 33.011 and
later
|
GuardLogix 5580
|
31.011
|
31.013, 32.016, 33.011 and later
|
See Knowledgebase Technote Product Notice 2019-01-001 Revision C - Online Editing of PowerFlex Low and Medium Voltage Drives (201901001).
IMPORTANT: You must use a CORRECTED controller firmware revision (listed above) in conjunction with Drives AOP 5.007 or greater; a CORRECTED controller firmware revision alone will not address the anomaly described in the product notice.