What is OPC UA

What is OPC UA

OPC UA (unified architecture) is the next generation of OPC standards. It provides a complete, safe and reliable cross platform architecture to obtain real-time and historical data and time.

OPC UA is based on the new generation technology provided by OPC foundation, which provides safe, reliable and independent of manufacturers, and realizes the transmission of raw data and pre-processing information from manufacturing level to production plan or ERP level. Through OPC UA, all required information is available to each authorized application and each authorized person at any time and at any place. This function is independent of the manufacturer's original application, programming language and operating system. OPC UA is a supplement to the OPC industrial standards that have been used so far, providing some important features, including platform independence, scalability, high reliability and the ability to connect to the Internet. OPC UA no longer relies on DCOM, but is based on Service-Oriented Architecture (SOA). OPC UA is easier to use. Now, OPC UA has become a bridge between the enterprise layer independent of Microsoft, UNIX or other operating systems and the embedded automation.

Unified access

Traditional OPC com features distribute different functions to multiple com servers, and represent different functions through interface connection. OPC COM server provides alarm but not continuous access to the data triggering the alarm. For example, the OPC COM server that provides historical data storage does not allow the current data to be read and updated. This feature causes integration problems because information from a single system cannot be accessed in a consistent way. OPC UA solves the integration problem that a general address containing multiple available information is accessed through a single service.

Better authentication interoperability

OPC UA features pass the same server and client testing tools as the successful OPC com certification program. These test tools enable suppliers to verify whether their products meet the requirements of characteristics and improve the quality of products. After OPC UA and OPC com features are certified, corresponding certification marks can be obtained. Products certified by OPC can reduce the system integration cost of end users.

Reliability of design

OPC UA is designed for availability and redundancy architecture. Complete configurable timeout, error detection, and recovery features allow OPC UA products to seamlessly handle errors or failures (such as loss of network communication). The standard OPC UA module supporting redundant functions makes it possible to deploy applications from different vendors.

Cross domain firewall and over the Internet

OPC UA starts the communication channel by the client, which means that the client does not need to be configured like OPC com to allow the access of the server. OPC UA can communicate through standard HTTP or UA TCP port or any other port that the administrator is willing to open. OPC UA uses a security based amount message, which means it can communicate through a third-party agent.

Reduce configuration time through information model

OPC UA architecture provides basic applications, and suppliers can provide specific application information models, which will greatly reduce the cost of configuration and maintenance of these modules. OPC foundation is cooperating with Mimosa, FDI and PLCopen (IEC61131) to develop OPC UA information model.

Standard security model

In the past, security was the last thing to consider, and many vendors did not test their product's security license. This means it's hard or impossible to configure security for the end user. OPC UA architecture solves this problem through standard security model that UA application must implement. This enhances interoperability and reduces configuration and maintenance costs. Opcua is also conducive to the development of standard tools for security settings management of any opcua product suitable for any platform.

From embedded system to enterprise level single solution

Lightweight OPC UA can be used as an effective binary communication protocol. For example, OPC UA has been ported to many embedded systems, including VxWorks, Linux and proprietary RTOS (real time operating systems). Top level OPC UA applications support enterprise level standard XML page service protocol. Through a common architecture, the cost of system integration can be reduced.

Protect existing OPC com investment

OPC UA Com's interoperability components enable the supplier to quickly implement the existing OPC com client and server applications to support OPC UA. These components are customized by adding the required opcua advanced features. This means that users can continuously use their OPC COM technology investment to develop new OPC UA applications.

historical event

OPC UA extends the ability of OPC com historical data access (HDA) by supporting historical events. The end user can obtain event information through the selected OPC UA client.

Platform independence without performance loss

OPC UA architecture is designed to provide the best performance while providing platform independence. This means that developers can use their familiar languages and operating systems to develop OPC UA based applications, rather than just a choice of using soap / XML over HTTP. Platform independence is also valuable for Windows users because it allows applications to migrate to the next generation of Microsoft communications technology. This also means that suppliers of OPC UA products can have more choices when the previous communication technology is out of date or there are similar technical problems such as non configurable long timeout.

High performance communication protocol

The OPC UA feature defines a TCP based binary communication protocol that provides the fastest performance with minimal overhead. Soap / XML is commonly used in communication protocols for enterprise environments. OPC UA provides binary encoding of messages through UA before being packaged into soap / XML compatible messages, which improves the performance of XML messages by more than 10 times. The advantage of this architecture is to provide a format that uses Soap / XML, but reduces its complexity and XML size before sending.

Windows communication foundation (WCF)

The OPC. Net SDK uses WCF to provide support for XML Web services. This architecture means that all OPC UA. Netsdk based applications in enterprise applications can inherit the lake operability of Microsoft's XML Web services.

Reduce development cost through OPC UA SDKs

Developers based on OPC com know that interface is only a small part of the code in applications that require interoperability. For this reason, the OPC ua.net SDK provided by the OPC foundation can provide developers with more choices, and only a few hundred lines of code can be used to realize OPC UA compatible applications. Developers can also choose to provide commercial SDKs to OPC foundation members. These SDKs will greatly reduce development costs, and suppliers will also pay more attention to providing more valuable products for existing customers. End users can also benefit from the SDK, because the common architecture will reduce the interoperability between different applications.

Enhanced features of methods and procedures adopted

Existing OPC com features focus on data or time, but many applications require to reduce the complex operation of a single data value or event. Through the OPC UA method, the server allows clients to trigger complex functions through a series of parameters. The trigger event reporting process function can be used to control the background process.

Flexibility of object oriented information model

Opcua adopts an object-oriented design information model. Server developers can use this model to develop reusable components. Client developers can build standard components based on the standard object model, which can be used in different servers or even in different suppliers' applications.

Why use the new architecture

The existing OPC com has been regarded as the communication standard of OPC in the past 10 years, but the development of technology requires more interoperability:

Microsoft is gradually weakening com, while cross platform web services and SOA are gradually strengthening

OPC suppliers want a set of worried services to realize OPC data modules (DA, a & E, HDA .）

OPC suppliers hope to realize OPC functions in non Microsoft platforms, including embedded devices

4 some cooperative organizations need a reliable and effective way to realize the transfer of high-level structural data

PS1: Service-Oriented Architecture (SOA) is a component model, which links different functional units of applications (called services) through well-defined interfaces and contracts between these services. The interface is defined in a neutral way, which should be independent of the hardware platform, operating system and programming language to implement the service. This enables services built into various such systems to interact in a unified and common way.

PS2: in terms of software, interoperability - the term is used to describe the ability of different programs to exchange data, read and write the same file formats, and adopt the same protocols by using the same set of exchange formats.

OPC UA - Internet of things security solution

With the continuous evolution of science and technology, digitalization has become a very important and attractive market in the automation industry. Its goal is to integrate IT technology with products, systems, solutions and services, running through the entire industrial chain from R & D design to production to technical maintenance. At the same time, the development of industrial digitalization has also driven the rapid development of some emerging markets, such as digitalization of digital products and systems, software solutions and new digital services.

At present, the Internet of things is integrating some traditional industries with industries based on IP technology, which is the engine of digital development. The core of standardization is M2M communication. Over the years, many companies and industry associations, such as OPC foundation, have been participating in and promoting these standardization development.

In today's complex economic and social environment, information plays an important role in business and profitability. The original intention of OPC technology is to make the information exchange smoothly between different platforms, and to realize the seamless connection of zero cost and zero time consumption between platforms. The software development time saved and the engineering resources released can be used to do more important work for the business. With the passage of time, OPC not only plays a docking role, but also is the best choice to ensure your information security.

Today, the industrial control editor is going to tell you about the Internet of things security solution provided by OPC UA.

What are the dangers of connecting devices to the Internet

The Internet of things (IOT) is the vision of a global automation industry, that is, billions of intelligent devices collaborate with each other through the Internet. However, there are many potential applications and risks in the Internet of things, so the devices exposed to the Internet will also face the risk of being hacked. To reduce these risks, many plant operators turn to agents that support protocols such as mqtt or AMQP. These protocols allow devices to be kept behind firewalls for security, but still be able to communicate with peer devices and cloud based applications. Unfortunately, these solutions require plant operators to send some sensitive information through agents managed by third-party providers, which is unacceptable for many applications. Fortunately, OPC UA has an end-to-end security solution to ensure the privacy and integrity of the data sent through the proxy.

Enhance OPC UA through publish subscribe

OPC UA PubSub is an extension of the popular OPC UA protocol, which allows applications to publish messages to multiple subscribers through intermediate agents, such as mqtt agents. OPC uapubsub messages can be formatted in XML, JSON, or an efficient OPC UA binary format. When the latter method is used, the publisher can encrypt and digitally sign the message before sending it to the agent to ensure that no one other than the target recipient can read or modify the message. This will protect the publisher's data, even if the agent is stored on disk while the message is waiting for delivery.

Do it all by sharing a secret key

Publishers and subscribers need to share a key to communicate securely. This is achieved by using a special OPC UA server called security key service (sks). Applications requiring a key securely provide credentials to sks using the OPC UA client server protocol. Sks determines whether they have access to the requested key and returns one or more keys. This process requires multiple keys, as they change frequently, to ensure that the application can be removed from the system at a reasonable time if necessary.

Security is guaranteed. What about metadata?

Rich OPC UA information model allows applications to express their systems using terms and constructs that match the application domain. This information model is also an important part of OPC UA PubSub, because it provides an overall framework to describe the content of messages to be sent to broker. OPC UA PubSub specifies and defines a mechanism to notify subscribers that the message structure has changed, and allows publishers to send new metadata to in band or out of band. Other solutions expect subscribers to process known message content or rely on specific rules to parse JSON or XML.

The way of future development

Any plant operator who wants to take advantage of the Internet of things will benefit from the security toolbox provided by OPC UA, which helps ensure the security and integrity of privacy when data flow is thrown out of a system managed by a third party. When combined with OPC UA information modeling framework and widely used in many off the shelf OPC products, toolbox will become the first tool.