OPC Unified Architecture the Interoperability Standard

OPC Unified Architecture The Interoperability Standard

Multiplatform Multivendor Secure Reliable 2 OPC: Openess – Productivity – COLLABORATION 3

Welcome to the OPC Foundation, The OPC Foundation a global organization in which users, The OPC Foundation is dedicated to ensuring in- vendors and consortia collaborate teroperability in automation. By creating and main- taining open specifications that standardize the com- to develop standards for multivendor, munication. This communication includes acquired process data, alarm and event records, historical multiplatform, secure and reliable data and batch data. The information is transferred vertical and horizontal from multivendor enterprise interoperability in industrial automa- systems and between production devices. Produc- tion devices include sensors, instruments, PLCs, tion and other markets. RTUs, DCSs, HMIs, historians, trending subsystems, Thomas J. Burke alarm subsystems, and more. These systems are President and Executive Director OPC Foundation used in the process industry, manufacturing, and in acquiring and transporting energy, oil, gas and min- Contents OPC is the interoperability standard for secure, reli- Today there are over 20,000 OPC products from erals. able multivendor, multiplatform data exchange for more than 3,500 vendors with millions OPC based Industrial Automation. It provides open connectivity applications installed worldwide. This reinforces OPC across multiple products, regardless of hardware technology as the leading standard for interoperable platform or software operating system. data exchange between software applications from 2 OPC: Openess – Productivity – multiple vendors. Openess Productivity Collaboration CoLLABORATION The OPC standard is a series of specifications that are developed by industry vendors, end-users and The OPC Foundation’s vision is to manage a global – > 450 members – Industry standard – PLCopen 4 Quotes software developers to facilitate data transmission organization in which users, vendors and consortia – Platform-neutral – Manufacturer-independent – BACnet Interest Group and exchange. OPC specifications define an inter- collaborate to create data transfer standards for mul- – All areas of application – Interoperability – FDI Cooperation 6 OPC UA at a Glance face between clients and servers, as well as servers tivendor, multiplatform, secure and reliable interoper- – All connections – Reliability – EDDL and FDT and servers, for different fields of applications, in- ability in industrial automation. – MESA, MES-D.A.CH. 8 OPC Foundation Organization cluding access to real-time data, monitoring of – OMAC alarms and events, access to historical data and To support this vision, the OPC Foundation : – Mimosa, ISA-95, ISA-88 10 OPC UA Technology in Detail other applications. ➞ Creates and maintains specifications. – MTConnect ➞ Ensures compliance with OPC specifications – Smard Grid 16 Compliance and certification Since 1995 OPC has been gaining widespread via certification testing. – ODVA adoption across multiple industries. OPC Classic ➞ Collaborates with industry leading standard – MDIS 18 Case Studies was first released in August, 1996 with support for organizations. Microsoft Windows. With the introduction of service- 26 OPC UA is IEC62541 oriented architectures in industrial automation sys- This brochure will help you better understand OPC The OPC Vision tems, the OPC Foundation released the first OPC UA UA technology and what the OPC Foundation can 27 Further information specification in 2009 which provides a migration provide to your organization. For more information, path from OPC Classic to more secure and scalable please visit the OPC Foundation website at The Vision of the OPC Foundation is to provide the solutions that take advantage of Web services and a www.opcfoundation.org. best technology, specifications, certification and pro- unified data model. cesses to enable companies to build products and services that demonstrate multiplatform multivendor Sincerely, secure reliable interoperability. OPC Foundation members benefit by being able to take advantage of Thomas J. Burke the technology and marketing necessary to become President and Executive Director leaders in the industry supporting industrial stan- OPC Foundation dards for industrial automation and other markets. [email protected] 4 Quotes 5

»As a founding member of the OPC Foundation, »OPC UA is now available on the market and is prov- »OPC UA is the future oriented communication stan- »OPC UA allows a platform independent, easy and Siemens strives to create added value for its cus- ing to solve the key issues it was intended to. Honey- dard for the industry. The emergence of the 4th in- secure connection between SAP business systems tomers through driving automation as well as the fur- well is investing in OPC UA and expects to provide dustrial revolution will boost the need for OPC UA.« with distributed shop floor data even on smallest em-

ther development and interoperability of technolo- leadership to ensure there is market acceptance and Dr. Reinhold Achatz, Head of Corporate Center Technology, Information & bedded devices.« gies between different system manufacturers. adoption. This is an exciting evolution for the OPC Quality, ThyssenKrupp AG, Former OPC board member and Vice President from 1996 till 2012. In many of our innovations – such as the network Foundation as it effectively solves many existing Veronika Schmid-Lutz, Product Owner Manufacturing, SAP AG management solution Sinema Server, the Human problems and expands the applicability of OPC far Machine Interface Simatic HMI, or the flexible, modu- beyond its current accepted scope historically.« lar motor management system Simocode pro – OPC standards have been applied. OPC UA is an imple- David Eisner, Honeywell, OPC board member mentation we attach especially great relevance to. Thus, we have always been strongly involved in this field, and were among the first companies to have their products certified. «

Thomas Hahn, Siemens AG, OPC board member »OPC UA unlocks the potential for ERP to Factory »Just as the OPC Foundation once transformed data Floor communications“.« access and interoperability for industrial applications on the PC platform, it stands on the threshold of an- Commitment from Industry Leaders Dr. Jürgen K. Weinhofer, Vice President Control Architecture & Technology, Rockwell Automation, OPC board member other wave of transformation represented by the potential of the Internet of Things. Connected devices »ICONICS is well positioned to take advantage of the together with cloud services, unlimited storage, and new OPC UA interoperability standard with its new- open standards for security and communications are est SCADA, HMI and Analytics products which are enabling Intelligent Systems, paving the way for a designed to be “OPC UA to Core“.« new wave of insights, applications and business

Russ L. Agrusa, CEO ICONICS, OPC board member models across the manufacturing landscape. The OPC UA standards play a key role in enabling this transformation and Microsoft is committed to working with the OPC Foundation to best help meet it’s needs.«

Rohit Bhargava, CTO WW Manufacturing & Resources Sector, Microsoft Corporation »OPC DA is the most popular and successful stan- »Beckhoff joined OPC Foundation in 1998 and early dard interface on the automation systems. Yokoga- provided OPC UA functionality integrated into small- wa joins OPC Foundation from the beginning and est embedded controller in 2008. Actively pushing has much contributed to the development of OPC the collaboration with PLCopen our customers al- interface. Now Yokogawa is fully committed itself to ready benefit from easy, secured connection from new promising OPC UA and will contribute to the »Emerson, as a founding member of the OPC Foun- our open PC based control philosophy up into MES development as ever.« dation, has and will remain committed to the vision of and cloud scenarios.« the OPC Foundation to develop standards for open Nobuaki Konishi, Yokogawa, President OPC Council Japan, Hans Beckhoff, Managing Director, Beckhoff Automation GmbH OPC board member connectivity in industrial automation systems and adjacent domains.«

Dr. Grant Wilson, Emerson, OPC board member 6 OPC UA at a Glance 7

OPC UA at a Glance – Secure, reliable and

platform-independent data communication OPC UA Object Method Variables Methods Service Set Attribute ______( ) (Programs) Service Set ______( ) (Data Access, Protection against ______( ) Platform independent data Historical communicaton unauthorized Access Data Access) OPC Unified Architecture is the new technology gen- OPC UA technology uses a mature security concept, Events eration of the OPC Foundation for the secure, reli- ensuring protection against unauthorized access or N able and vendor-neutral transport of raw data and sabotage of process data and as well against errors N Subscription pre-processed information from the sensor and field due to careless operation. The OPC UA security N Service Set level up to the manufacturing level and into the pro- concept encompasses options for user authentica- (Alarms & duction planning or ERP system. With OPC UA, all tion, the signing of messages and the encryption of Conditions) Standardized desired information is available to every authorized the transmitted user data. UA security is based on communication application and every authorized person at any time proven standards which are used also for secure In- via Internet and and in any place. OPC UA is independent of the ternet communications like SSL, TLS and AES. via firewalls manufacturer from which the applications originate. It is independent from the programming language in Availability and Reliability Simplification by Unification OPC UA makes it possible for standardization orga- ➞ OPC UA uses an op- which the applications were developed. And it is in- OPC UA defines a robust architecture with reliable OPC UA defines an integrated address space and an nizations to use UA services as a transport mecha- timized TCP-based UA dependent from the operating system on which the communication mechanisms, configurable timeouts, information model in which process data, alarms, nism for their own information protocols. Today the binary protocol for data software is used. and automatic error detection and recovery mecha- historical data and program calls can be represent- OPC Foundation cooperates with different standard- exchange with a standard nisms. The communication connections between ed. OPC UA unites classic OPC features and allows ization groups such as PLCopen, BACnet, ISA or IANA defined port “4840”; Web Services and HTTP Standardized Communication via OPC UA clients and servers can be monitored. OPC complex procedures and systems to be described in FDI. They create companion specifications by using are additionally support- Internet & Firewalls UA offers redundancy features that can be applied to a component. UA modeling capabilities. ed. It is sufficient to open OPC UA supplements the existing OPC industry server and client applications to prevent loss of data up just a single port in a standard with important features such as platform and to implement highly available systems with max- Range of Use Investment Protection firewall. Integrated secu- independence, scalability, high availability and Inter- imum uptime. The versatile usability of the OPC UA technology en- OPC UA will replace classic OPC in the long term. In rity mechanisms ensure net capability. OPC UA is no longer based on DCOM, ables the implementation of completely new vertical the mid term however, DCOM-based OPC products secure communication via but has been conceived on the basis of a service- integration concepts. By cascading OPC UA com- and UA products can co-exist. The migration strate- the Internet. oriented architecture (SOA). OPC UA can therefore ponents, information is transferred securely and reli- gy of the OPC Foundation enables the combination be ported very easily. Today, OPC UA already forms ably from the shop floor to the production planning of classic OPC and OPC UA products. The installed the bridge between the Enterprise level down to em- Workstation or ERP system. Embedded UA servers at the field base of existing OPC products with millions of instal- bedded automation components – independent of device level, UA components at automation level and lations will work with the new OPC UA products, so Security Microsoft-, UNIX- or any other operating systems. Server integrated UA clients in ERP systems at enterprise migrating to OPC UA is painless and offers advan- level are directly connected with eachother. The re- tages to the user because any desired product from ➞ X509 certificates Desktop PC spective UA components can be geographically dis- any manufacturer, whether OPC or OPC UA can be ➞ OpenSSL encryption tributed and easily separated from one another by used. ➞ User / password Notebook firewalls. ➞ Access rights for each attribute Phone

PLC Controller

Embedded devices Devices Portables Desktops Servers Clusters Mainframes 8 OPC Foundation Organization 9

OPC FOUNDATION MEMBERS The OPC Foundation member companies are located in OPC Foundation – The Community of Visionaries every major region of the world, Europe, North and South America, and Asia. and Communication Experts 33 % NORTH AMERICA

OPC Connect with the OPC Community OPC Foundation Member logo. For the OPC tech- Foundation With more than 450 member companies, the OPC nology suppliers, the OPC Foundation offers a com- 48 % EUROPE Members Foundation is the world’s leading community for in- plete marketing program, including a newsletter, web teroperability solutions based on the OPC specifica- site and educational events. For the OPC end-user 6 % JAPAN tions. All OPC Foundation members – including cor- community, membership offers the chance to col- porate, end-user and non-voting members – can laborate with the OPC developer community to build 5 % CHINA proudly display the OPC Foundation logo and the best-in-class solutions.

8 % REST OF WORLD

Why Join the OPC Foundation? Corporate Members Non-Voting Members are the OPC technology providers that offer OPC- are organizations such as government and research compliant products. Membership dues are based on institutions, universities and non-profit groups that ➞ Obtain full access to the annual sales and include free product certification need OPC information but who do not build OPC OPC specifications testing, based on membership class. products for the open marketplace. ➞ Get free use of the OPC Foundation sample End-User Members code are the consumers of OPC technology in the form of ➞ Certify products at the OPC-compliant products. End-user members can OPC Foundation contribute to the advancement of OPC technology Certification Lab. by commenting on Draft Specifications. ➞ Connect with the OPC developer and user community.

➞ Harden you product in interoperability (IOP) Create the Future How to Join workshops. The OPC specifications define the interface between Becoming an OPC Foundation member is easy! clients and servers, as well as server to server (peer Membership provides the best way to stay up-to- to peer), for different fields of applications, including date with technology and to reach the community THE OPC FOUNDATION IS … access to real-time data, monitoring of alarms and most interested in the value and benefits of OPC events, access to historical data and other applica- technology. Download, review, and complete the COMMUNITY: COMPLIANCE: COLLABORATION: tions. membership application at ➞ The world’s leading community ➞ The official source for the ➞ The collaboration with other or- www.opcfoundation.org/howtojoin. for interoperability solutions based OPC Certification Program, ensur- ganizations advances the adoption Benefits of membership on OPC specifications that deliver ing OPC products plug and play in and use cases of OPC based As an OPC Foundation corporate member, you get If you have questions about the application process universal connectivity. real-world applications. products. complete and early access to the OPC specifications or membership, please contact the OPC Foundation before the general public. You can even join working at [email protected]. groups and engage in the development of ongoing specifications. 10 OPC UA Technology in Detail 11

The mandatory UA Binary protocol is intended to be Data Model OPC UA Technology in Detail used by all UA enabled software and devices. It is OPC UA defines a generic object model including highly optimized and extremely fast, hence it is the the corresponding type system. In addition to the ge- preferred protocol between embedded devices, neric data model, modeling rules are defined that SCADA/HMI level devices and DCS systems. TCP describe how any physical system can be transport 4840 is reserved for OPC UA Binary transport. formed in an UA conformant model representation of The technical working group for OPC Unified Archi- Protocol Binding The Hybrid protocol runs UA binary encoded content that particular system. With this data model any kind tecture was formed in 2004. The objective was the The OPC UA specification defines abstract services inside an https message frame. Instead of message of equipment, function and system information can design and creation of a communication technology, following service oriented architecture (SOA). The based security this binding uses TLS encrypted be described. The base type system supports rela- which functionally unifies all existing classic OPC “Service Mapping” part of OPC UA specifies several transport security. Hence it is still fast and efficient, tion between objects, so called references, and it specifications, but also addresses platform indepen- protocol bindings to map these services to a net- and it can be implemented down to low end and supports multi inheritance, hence it is comparable to dence and object orientation. At the end of 2006 the work transport. Currently there are four (4) protocol midrange level devices. In a wide area network any modern object oriented programming language. new technology was presented to the public. The bindings defined of which one, the UA Binary, is (WAN) the TCP port 443 will be open on all firewalls This base model provides object and variable types new service oriented architecture (SOA) incorporates mandatory. modern security standards and object oriented meta ➞ Native UA Binary (mandatory) BaseNode ➞ +Nodeld : Nodeld model. It is scalable from embedded devices up to HTTPS with UA Binary +NodeClass : NodeClass enterprise systems. Together with the release of the ➞ HTTPS with SOAP and XML Encoding +BrowseName : QualifiedName specification in 2008 the first reference implementa- ➞ HTTP with SOAP and WS SecureConversation +DisplayName : LocalizedText +Description : LocalizedText tions in ANSI C and .NET were available, Java fol- and XML Encoding lowed one year later.

Object Variable Method Binary Hybrid Webservices +EventNotifier: Byte +Executable: Boolean Vendor Specific Extensions +Value +DataType: Nodeld +UserExecutable: Boolean +ValueRank: Int32 UA Binary UA XML +ArrayDimensions: Int32 Collaboration Models +AccessLevel: Byte +UserAccessLevel: Byte UA Secure WS Secure ObjectType +MinimumSampleInterval: Int32 DataType View Conversation Conversation +Historizing: Boolean DA AC HA Prg +IsAbstract: Boolean +IsAbstract: Boolean +ContainsNoLoops: Boolean +EventNotifier: Byte UA TCP SOAP

Base Services ReferenceType VariableType HTTPS HTTP +IsAbstract: Boolean +Value +Symmetric: Boolean +DataType: Nodeld TCP / IP Transport Meta Model +InverseName: LocalizedText +ArraySize: Int32 +IsAbstract: Boolean

4840 443 443 80

allowing the Hybrid protocol pass through. The Hy- as well as reference and data types. Given that, as brid is intended to be used in web client applications the basis, OPC UA can describe any kind of data or in cases where only port 443 can be used. including it’s meta data and semantics. The key components of the Unified Architecture are: The OPC Foundation provides protocol implementa- The web service binding runs on http, typically on The UA data model is the foundation of the UA Infor- ➞ different protocol bindings tions in the form of communication stacks written in port 80, using WS secure conversation for message mation Models, which are specialized models that ➞ object oriented modeling capabilities three (3) different programming languages to its based security or transport layer security with https. enhance the basic set of models to provide certain ➞ fixed set of base services members, ANSI C, C# and Java. The stacks are The XML encoded message including SOAP header functionality like Data Access, Alarms and Condi- ➞ OPC information model maintained by the OPC Foundation to insure interop- requires more powerful processing. The intended tions, Historical Access or Programs. ➞ extendable by collaborating organizations erability. Each stack provides a language specific use case is the communication between enterprise ➞ extendable through vendor specific extensions API, the service encoding layer (binary or XML), the applications and high level systems that are already secure channel layer and the transport layer. used to handling web services and that are only per- mitted to communicate on port 80. Those systems typically will not require direct access to field level devices. 12 OPC UA Technology in Detail 13

Profiles Information Model

Alarms & Conditions The functionality of an OPC UA Server can be pre- From a functional point of view, UA information mod- will gather all required information to interpret the cisely described in terms of profiles. Profiles are els unify the classic OPC specifications data access data provided by that particular server. The beauty of compositions of conformance units defining the (DA), alarms and events (A&E), historical data access this concept is that the data describes itself including

PLCopen smallest possible set of services required for certain (HDA) plus the two previous specifications Com- all metadata and semantic information. Redundancy Event Subscription Method Complex Data Historical Access Server Facet Server Facet Device Integration functionality. The UA client as communication part- mands and Complex Data. The new UA node repre- OPC UA distinguishes between the types and the ner can rely on the supported profiles and expected sents anything, starting from a simple variable up to instances when describing data models. For that behavior. The compliance certification program in- a node object that encapsulates and fully represents reason the OPC Foundation has defined a graphical Standard UA Server 50 Sessions sures that UA servers and clients behave within the a machinery subcomponent or a complete machine. syntax according to UML, but enhanced for special embedded UA Server limits of their supported profile. A conformance unit An object may contain data variables, it can initiate OPC UA needs. The DA Information Model of UA for 2 Sessions 5 Subscriptions micro UA Server is also a testable and certifiable functionality. The events and can provide callable methods, and it may example enhances the base variable type with an concept of profiles is the key to scalability of the OPC have historic information on values and events. AnalogItemType, which defines standard properties 1 Subscription Address Space 2 Subscriptions Type System UA technology. E.g. servers following the “embed- A server exposes instances – accessible nodes of a like range and unit to describe analog measurement ded UA Server Profile” need to support fewer con- certain type – in its address space. The address values. When composing an analog measurement Binary Protocol Core Security Data Access nected clients and parallel subscribed nodes com- space can be organized in a hierarchical or non-hier- object type, which is derived from the BaseObject pared to a “standard UA Server Profile”. Memory and archical manner as nodes are interlinked by refer- type, it will use an AnalogItem type for the measure- resource consumption becomes predictable and ences in a full meshed network. UA defines so called ment value itself, but it also can include system and thus can be handled by the embedded devices. A “well known types” that cover all use cases known level alarm objects including their conditions. The UA Services UA server running on a powerful PC platform is ex- from previous OPC functionalities, but the UA type server on the measurement device or PLC, will now Independent from the transport binding, OPC UA pected to support more parallel connections. How- system is extendable. Custom types can be inherited have multiple instances of analog measurements, for defines a fixed set of services that must be support- ever, and that is the important part, they both use the and enhanced, but also complex types can be com- measuring pressure, temperature or any other ana- ed by all UA servers. In contrast to classic web ser- exact same services for the same functionality e.g. posed as needed. A client can generically discover log value but all instances have the same node tree vice protocols this abstract service definition guaran- read and write of their data points. When a server or browse through the server’s instance and type below the instance nodes and the type node. tees a defined and interoperable set of functionality supports the full profile of a “Standard UA Server” it system following certain references. Hence the client which the communication partner can rely on. These can be easily enhanced. By adding event subscrip- services are fixed in terms of the signature of param- tions and method facets to the full featured profile, it eters and their behavior. They are grouped into func- becomes an Alarms&Condition UA Server. A detailed tional blocks depending on their task, the so called list of profiles and their contained conformance units Objects service set. Even though a server must propagate can be found on the OPC Foundation website: Object Instance AnalogMeasurement

functionality, a basic set of services is mandatory for www.opcfoundation.org/profilereporting Pressure Measurement InstrumentRange all servers to insure minimum of basic functionality EURange like connection establishment. Temperature_1 SystemAlarm EngineeringUnits

Temperature_2 LevelAlarm HH_Level

H_Level Service Set Description L_Level ObjectTypes Discovery Obtain endpoint and security information needed for connect attempt LL_Level

SecureChannel Establish a secure end-to-end communication channel BaseObjectType Object Type AnalogMeasurement

Session Create and manage sessions and authenticate user credentials AnalogMeasurement Measurement InstrumentRange

NodeManagement Modify the address space of a server EURange SystemAlarm EngineeringUnits View, Query Browse and request filtered information and view on the servers address space

LevelAlarm HH_Level Attribute Read and write values of variables and other node attributes including the history of data and events H_Level Method Invoke methods that a server may offer L_Level

Suscription, MonitoredItem Monitor variable values for data changes and objects for event notifications LL_Level 14 OPC UA Technology in Detail 15

Security features. Similar to the WS SecureConversation Platform Independence All service calls in OPC UA are designed for access- OPC UA addresses all the security threads modern used in the web service binding, the OPC UA Secu- The available communication stacks cover almost ing large amounts of data and at the same time re- interlinked industrial devices are facing today. Secu- reConversation in the UA Binary protocol uses mes- every platform known today. The Java implementa- ducing the used bandwidth as much as possible. For rity is not optional and was built into the core of OPC sage-layer-encryption based on shared security con- tion requires Java runtime environment JRE1.6. and fast access OPC UA defines all services as multi UA. The core security features of OPC UA are: text, the so called secure channel. can be run on Android based devices up to Win- node function e.g. a single read request can read ➞ Authentication For double sided authentication of the applications dows or Unix based enterprise servers. The .NET several thousand nodes at once. To avoid the trans- ➞ Authorization the well accepted asymmetric cryptographic PKI implementation requires Microsoft .NET Framework mission of thousands of node names in each re- ➞ Confidentiality mechanism using X.509 certificates is used. It fully 3.5 which is available on XP up to Windows 7 and 8 quest, OPC UA defines node registration service. ➞ Integrity supports certificate authorities (CA) for easy adminis- Desktop including the 64bit variants. Once registered at the server, the following read ser- ➞ Auditability tration and support of trusted chains in large net- The ANSI C implementation has the highest flexibili- vices can use a handle for fast access and fast trans- ➞ Availability works. In addition OPC UA defines authorization ty. It is completely platform independent and all op- mission of the data. mechanism for application layer security in terms of eration system specific code is capsulated in a plat- The subscription services monitor tags for changes user identification using user/password or personal form layer. There are platform layers available for and only notify the changed values, such that the Windows, Linux but also for real time OS like Win- bandwidth is minimized without loosing information. dows CE, VxWorks, QNX, RTOS, and many others. For each subscribed node an individual sampling Feature UA Native Binary UA XML Web Service The ANSI C stack can be compiled for Intel, ARM rate and individual queuing allows extreme fast scan- and PowerPC architectures and many others. It can ning of data at the data source. The server can send Confidentiality Options: encrypt all messages or encrypt only WS SecureConversation: channel management XML Encryption (WS Security) be optimized for a certain use case and it can run in the queued data at once, so that it gets published Encryption: AES (symetrix), RSA (asymetric) single or multi-threaded mode. It is currently the fast- to the client by highly effective transmission over est of the three stacks and the smallest in size. In the wire. Integrity No message alteration: HMAC or RSA WS SecureConversation: encryption, SHA1 hash, periodical key change XML Signature (WS Security) addition there are implementations available that do No message sequence alterations: Nonce, not even need an operating system. These bare met- Robust COMMUNICATION Timestamp al C stacks can be used on microcontrollers and they OPC UA communication follows the client-server Application Authentication X.509 certificates are exchanged when the security context establishment and sharing, come with their own TCP implementation. paradigm, even though it is expected that most secure Channel is established session key derivation (WS SecureConversation) products will be both, client and server. The client validate credentials, request and issue security Speed and Throughput sends an asynchronous service request and receives tokens (WS Trust) using any of: User/Password, Kerberos, X.509 Even though today’s TCP based bindings of OPC UA a response from the server. Every single service call are not suitable for deterministic hard real time com- contains a configurable timeout until the client will User Authentication Optional user security token types: User/Password, X.509, Issued Token like Kerberos and Anonymous munication, because they use standard TCP, the re- wait for response to arrive. This insures a highly re- Server application can validate the user’s token sponse time and the general speed and throughput sponsive system. Sequence numbers are used to are impressive. Future protocol bindings may sup- identify the corresponding request/response mes- User Authorization Product developer specifies user authorization scheme, implements scheme in server application port deterministic communication, the abstract ser- sage pairs.

Auditing All security events are recorded, traceable through intermediate nodes, minimum required set of vice definition of OPC UA supports priority handling When subscribed to notifications of events or value logged parameters (for interoperability) of publish messages. changes, each published response of data is ac- knowledged by the client with the next publish Availability Depends primarily on infrastructure and the Site for protection, minimum processing before authentication request. In case of connection interruption or transmission failure the server keeps the unacknowledged messages and resends them when connection is Besides the transport connection a UA client and certificates. The individual data points within an OPC up again. Data collected in the meantime will be server build up a secure channel, a virtual end to end UA server itself have access rights comparable to a buffered or queued by the server such that no data connection on the communication layer and they es- Linux file system (rwx). With a granularity down to a gets lost during short network interruptions. OPC UA tablish a session, the virtual communication relation single node with their attributes, a certain group or insures robust data transmission without the loss of ship, on the application level. individual user may be granted read access. Only an data, even on an unreliable transport medium. Integrity and confidentiality of the messages between operator or administrator may write a value to this the communication partners is insured by signing node, whereas a guest may not even see or browse and encrypting of messages. Keys are updated after this tag. OPC UA defines audit mechanisms to keep certain time and changed while communicating. This track of who modified which value and when and is an integral part of the communication stack. The these audit events are logged in the server. Therefore UA Stack interfaces provide both a Public-Key-Infra- OPC UA is usable in food and pharmaceutical do- structure (PKI) and crypto library to provide security mains fulfilling FDA rules. 16 Compliance and certification 17

Test Tools Certification Program – There are different test tools available to validate the correct function of an OPC UA server or client prod- The Key to Successful Interoperability uct. As an OPC member you have access to all the tools and test code. Members also have access to the OPC Compliance Test Tools (CTT) to ensure OPC products meet the appropriate specifications. The script based tool can be enhanced with self cre- Especially for OPC UA the OPC Foundation has en- Interoperability Testing ated product specific test cases. Also the CTT can hanced the certification program. The end-users’ In addition to test lab certification, the OPC Founda- be integrated into your company’s automated sys- demand for high quality products and reliable com- tion hosts workshops for interoperability testing tem and regression test. munication led to the foundation of a dedicated (IOP), which are held around the globe. There are working group inside the OPC Foundation. The three IOPs each year: North America, Europe and group has defined test procedures and test cases Asia. Members can participate and test their new including the development of test tools. The goal is products against the software and devices of other to provide useful tools for testing and development members. During the five day session typically 40 to having highest possible coverage in automated test- 60 products are tested. The high number of clients Certification that Matters ing. Not only compliance to the specification is test- and servers create an extraordinary test environ- ed, but also typical error scenarios and environmen- ment, you would never be able to set up on your tal conditions are evaluated. Ease of use is also a own. The IOP is an valuable endorsement of prod- focus of the certification program. Certified products ucts. Each client participating must connect and in- »The Certification Programme is a key benefit of »With a global customer base, we hold our Matrikon are listed as OPC-compliant products in the interac- teract with each server and execute a set of opera- OPC Foundation membership. Extensive functional OPC products and solutions to the highest quality tive OPC Product Guide on the OPC Foundation tions defined in a test matrix. The results of the testing with the CTT and interoperability testing in the standards. Based on this commitment to quality – web site. session are published in a database. lab has helped us deliver a product of the highest we were pleased to work the OPC Certification lab to For many years the European IOP workshop has quality.« be the first OPC vendor in the Americas to achieve Certification been hosted by Siemens in Nuremberg, Germany. independent, 3rd party OPC UA Certification. The OPC Foundation corporate members can test their Since 2010 there have been more UA products reg- Liam Power, Embedded Labs lab personnel were experienced professionals which, OPC server and client products at the OPC Founda- istered than classic OPC products showing the helped make the process straightforward.« tion Certification Test Lab. Objective certification strong commitment to OPC UA technology and in- »We achieved Independent confirmation of the high- testing by the independent test lab guarantees that teroperability of high quality products. During the est product quality, which is well applicable as sales Rod Stein, MatrikonOPC your products comply with the following: event you can meet and network with other develop- argument and appreciated informative discussions ➞ Compliance to the OPC Specifications ers, testers, and the core team of OPC UA technol- with OPC Senior Experts about further opportunities »No matter how much history exists on a product’s ➞ Interoperability with other vendors’ products ogy enthusiasts. with OPC UA.« OPC interface, there is nothing better than the en- ➞ Robustness and recovery from disaster dorsement from an independent party – especially ➞ E fficiency of CPU, RAM, and bandwidth etc. Rene Bernhard, Siemens when it comes from the OPC Foundation, the orga- ➞ Usability insures a good user-experience. nization responsible for the definition of these stan- »Becoming lab certified by the OPC Foundation in- dards.«

stills confidence to our customers and potential cus- Tony Paine, Kepware Technologies tomers that our software products are held at the highest level of interoperability and reliability.«

Ron DeSerranno, Mobiform Software, Inc. 18 Case Studies 19

Machine Manufacturing Renewable Energy

Arburg – OPC UA enables machine manufacturer delivery reliability AREVA uses OPC UA for monitoring offshore wind farm

»We were looking for a globally accepted data exchange standard and found it in the form of OPC Unified Architecture.«

Michael Vieth, Group Leader TA Control Technology, ARBURG GmbH + Co KG

High delivery reliability through continuously available key data OPC UA was the favored technology in ‘Alpha Ven- and protected by firewalls, configuration and admin- Customers of Arburg moulding machines can cen- tus’, an offshore wind park test site in the North Sea, istration becomes a difficult and time-consuming trally manage product, tool and material master data, 45 kilometers from the German coast. The fully auto- task. In the past VPN tunnels for secure transmission as well as capture data online regarding order pro mated wind turbine controlled by a Windows Em- and remote desktop connections were used, but gress, machine status, process parameters and bedded CE with IEC6-1131-3 logic and OPC UA OPC UA includes encrypted transmission and adds alarms. server is connected to operators to constantly moni- user authentication and audit functionality down to They can also determine key data on orders in same tor plant and equipment conditions remotely from individual data points. progress, production shifts and production quality at onshore control room on a .NET platform. The fast and secured communication, between in- any time. All this runs silently in the background via Compared to other open standards the inherent se- dustrial automation and the enterprise systems that an OPC UA connection between the host computer curity and authentication mechanism of OPC UA support OPC UA industry standards, delivered im- system and the machine. This allows the user to was the determining factor for this decision. portant business and technical benefits, reduced ad- receive reliable data and enables them to use the With a complex network infrastructure including dif- ministration combined with high reliability machines existing capacities to their fullest extent, and thus ferent subnets and domains, connected via routers via OPC UA. achieve high delivery reliability. Platform independence through OPC UA While the embedded OPC UA server runs under VxWorks on the visualization CPU of the control »The integration of OPC UA Client functionality system, the OPC UA client runs in a Java environment, showing platform independence of the into our SCADA software was an important step OPC UA standard. Just as customers can connect their own host computer systems to the Ar- towards OPC UA technology.« burg injection moulding machines via OPC UA, the Arburg host computer system can access Bernd Zickert, Head of Development, Multibrid third-party injection moulding machines via OPC UA. 20 Case Studies 21

Scientific DiscretE Manufacturing

KU Leuven uses OPC UA for ground based observatory control Elster GmbH connect shop floor to SAP ME top floor

Astronomical observatories are complex distributed sults to the Mercator Telescope based at the in- Elster uses SAP ME as their Elster is using high-performance Windows Embed- real-time systems encompassing a wide range of ternational observatory of La Palma on Canary standard for traceability and ded CE controllers with an integrated OPC UA server technology domains. The integration of industrial au- Islands, Spain. Researchers of the KU Leuven process controlling directly in the PLC, thereby simplifying the system tomation components such as Programmable Logic considered OPC UA suitable to serve as the “More customers demand comprehensive and fast environment and keeping the PLC and OPC UA Controllers (PLCs) and supervisory software has long “backbone” technology of ground-based obser- access to production data.” Dr. Schlichtegroll, Key server always in sync automatically. This results in a been hampered by the lack of an adequate industrial vatory control systems. With respect to a “gen- Account Manager for OEM customers in the heating fast connection but also easy to handle commission- communication technology. With OPC UA, these eral purpose” middleware, OPC UA is naturally energy sector, sees a clear trend: “In the near future ing and service without special programming knowl- limitations are now eliminated and in addition a pow- more tailored to facilitate interaction between the a high-performance MES will become a key factor edge. Using OPC UA opens up new possibilities for erful new range of functionality has become avail- components of a heterogeneous and distributed for winning new orders.” lean PLC coding by using SAP ME routing informa- able. control system. The engineers proceeded by An MES roll-out places special demands on Manu- tion to control the assemble and test steps. The extensive OPC UA support for standard com- implementing the control of a new scientific in- facturing IT, such as safe and high-performance in- We see OPC UA as an important standard for ERP munication paradigms and information modeling of- strument and a new support for the tertiary mirror terfacing with production (shop floor control) and the communication via MES right down to the smallest fers the engineers of the Catholic University of Leu- of the Mercator telescope, on commercial PLCs higher-level MES and ERP layers. embedded system. Trends such as “Industry 4.0” ven, Belgium the opportunity to shift from their with on-board OPC UA server. These PLCs were For direct communication based on high-level lan- and “Internet of Things” show the way to compre- traditional custom communication solutions towards integrated within the Scientific Linux infrastruc- guages Elster uses the comprehensive SAP ME web hensive networking that goes far beyond the factory an industry standard, as they apply their research re- ture of the observatory via OPC UA. services interface. In most cases PLCs and ma- boundary. Safe communication that is independent chines have no option for calling web services. This of the operating system is a prerequisite for achiev- means that ideally a technology is needed that deals ing the smart factory aim. with the communication to the MES system without additional effort in the PLC source code. OPC UA offers ideal prerequisites for this purpose. 4 5 1 1 Print Serial Number 3

2 Assembly 2

3 Leakage Test

4 Functional Test

5 Packing

»OPC UA is a reliable, high performance and easy to use interface which allows our PLC software engineers to connect MES without additional effort.«

Roland Essmann, Head of Laboratory Controls and Project Leader MES, Elster GmbH 22 Collaboration 23

Collaboration with other organizations

Cooperation with other standardization organisations was important for OPC UA from the beginning. The simple extensibility by information models makes OPC UA very interesting for other standardization organizations. They only have to define which information has to be exchanged, but no longer how the information must be exchanged. Before the start of the OPC UA specification, it was one of the most important require- ➞ Information model in a standardized format Interoperability On The Next Level ments that OPC UA, as a universal communication platform and IEC standard can form a basis for other – provide semantic identical access to various The IEC 61131-3 standard defines various program- standards. vendor PLC’s ming languages and a software model for the pro- ➞ PLCopen-OPC UA function blocks enable gramming of control systems. The implementation of OPC UNIFIED ARCHITECTURE COMPANION SPECIFICATIONS – Controller act as UA client this software model on an OPC UA server address OPC UA consists of a list of specifications for the basic functions and the information models based on them, – Controller invoke methods in UA server space is defined in the combined PLCopen and such as Data Access and Alarms & Conditions. Specifications that define further information models beyond ➞ Vertical: Moving information from shop floor to OPC Foundation specification. Thus, corresponding that are called Companion Specifications. enterprise OPC UA object types are created from declarations ➞ Horizontal: controller-to-controller connectivity of function blocks in the PLC and corresponding HOW ARE COMPANION SPECIFICATIONS CREATED? ➞ Secure, remote “out-of-the-PLCopen-box” OPC UA objects from instances of the function OPC UA Companion Specifications are developed in various ways. One possibility is a working group of OPC communication blocks. The advantage is that a control program, re- members within the OPC Foundation which defines an information model for special branches of industry or ➞ Rapid engineering for HMI / MES / ERP gardless of the controller being used and the OPC areas of application. E.g. the specification OPC UA for Analyzer Devices (ADI) was created in this way on the UA server, is always implemented in the same struc- basis of customer requirements. Another possibility is a common working group with one or more other or- ture of objects in the address space. ganisations with the objective of defining an OPC UA information model for a standard outside the OPC Foundation. The information model OPC UA for IEC 61131-3 was created in this way with PLCopen.

»Communication is not about data. Communication is about information and access to that in an easy and secure way. This is what the cooperation PLCopen and OPC Foundation is all about. OPC UA Technology creates the possibility for a transparent communication independent of the network, which is the foundation for a new communication age in Collaboration industrial control.« Eelco van der Wal, Managing Director PLCopen

– PLCopen – BACnet Interest Group www.plcopen.org – FDI Cooperation – EDDL and FDT – MESA, MES-D.A.CH. – OMAC – Mimosa, ISA-95, ISA-88 – MTConnect – Smard Grid – ODVA – MDIS 24 Collaboration 25

UniversAL mAChine COnneCtivity FOr OPC UA Information Model for BACnet mes – UMCM is: the neW stAndArd tO OPC UA model ➞ Cooperation between OPC Foundation and COnneCt mAChines tO mes. BACnet Interest Group Europe BACnet ➞ Based on the PLCOpen ICE 61131-3 standard, Objects ➞ Enables BACnet enterprise integration it defines a set of complex data profile required through OPC UA by MES systems. ➞ Enables cross domain connectivity ➞ OPC UA provides the fast, secured transport Building Automation with BACnet from controller to MES in a semantic identical Industrial Automation with OPC UA way

Typical Use-Cases of the OPC UA / BACnet mapping: ➞ Observation: Building automation may be ➞ E ngineering: The configuration of building »The fusion of automation technologies and information technologies observed/controlled by enterprise systems and automation systems may be modified using the requires 2 key elements. First – an intelligent network based system multi-domain integration allows connecting mapping profile. which is able to create rule based decisions and which could store data industry automation to building automation. ➞ M aintenance: Access to runtime information – that is a Manufacturing Execution System (MES) – and perhaps more ➞ Operations: Beyond simple data-exchange like alarm-detection or schedule programs offers important, secondly – a communication layer that is fast, platform access to historical data, alarms and schedule configuration of BACnet devices from OPC UA independent, scalable, secure and could be integrated horizontally and programs offers a very detailed depth of integra- systems. vertically from the device level to ERP level – OPC UA. So we have – tion. regardless of the location of the data storage – an industry 4.0 or a so-called cyber-physical system (CPS).«

Angelo Bindi, Senior Manager Central Control and Information Systems, »The benefits of connecting BACnet and OPC UA are various. Building Continental Teves, MES DACH Board member automation components may provide data, alarms, schedule programs, www.mes-dach.de trend-log information and remote device management to enterprise systems. Connecting OPC UA components to building automation management systems or devices opens the connectivity to industry systems.«

Frank Schubert, Member of the Advisory Board of the BACnet Interest Group Europe

DEVICE CONFIGURATION The OPC UA services supported by the FDI server allows www.big-eu.org safe and secure access to the device or to stored offline data. Generic OPC UA clients can be maintenance tools or a MES or ERP system.

FDI USES SCALABILITY OF OPC UA The FDI standard allows the implementation of different software architectures for a host. A host can be implemented starting from a tool for a single user up to a distributed multi-user application with a client/server-architecture which typically consists of three main components: FDI clients, an FDI server and one or more FDI communication servers.

www.fdi-cooperation.com 26 OPC UA Specification FURTHER INFORMATION 27

OPC UA is IEC 62541 OPC Foundation Website www.opcfoundation.org

OPC UA technology was presented to the Interna- OPC UA Specification Regional OPC Foundation Websites with all details ➞ OPC UA Technology ➞ Downloads tional Electrotechnical Commission (IEC). The na- The OPC UA specification is a multipart specifica- regarding regional activities can be found here: ➞ OPC Foundation (White papers, specifica- tional representatives worked closely together and tion. In contrast to the COM based specifications, ➞ Europe: www.opcfoundation-events.com ➞ Case Studies tions, sample code, test OPC UA quickly became an IEC standard. This the UA specification is not only a user specification. ➞ Japan: www.opcjapan.org/eng/index.asp ➞ Certified Product List tools, …) shows the importance and relevance of OPC UA as Most parts of the multipart spec describe OPC UA ➞ China: www.chinaopc.org ➞ Vendor List ➞ Regional Area an internationally accepted and open standard that internals, that are implemented and handled by the ➞ Product Search (Europe, Japan, China) is usable far beyond the industrial automation do- UA communication stacks. This information is only ➞ Member List ➞ Videos main. Being an open IEC standard made OPC UA interesting for developers that want to port the UA ➞ Member Press Releases ➞ Webinar Recordings the sustainable and credible communication tech- stack to other platforms or those who want to imple- ➞ Member Login Area ➞ IP Policy nology for multivendor interoperability. ment a new UA stack from scratch. However, UA ➞ Newsletters and Articles ➞ Support Area application developers will typically use only the API ➞ Blogs ➞ Careers documentation. For implementers of UA server and ➞ Upcoming Events Core Specification Parts Access Type Specification Parts clients mainly the part 3, 4, and 5 are of interest.

Part 1 – Concepts Part 8 – Data Access There are 3 groups categorizing Part 2 – Security Model Part 9 – Alarms & Conditions the multiple parts of the OPC UA Further Information specifications: Part 3 – Address Space Model Part 10 – Programs MEMBERSHIP INFORMATION

➞ 1. Core Specifications: V1.1 GB V1.1 GB V1.1 GB V1.1 GB OPC FOUNDATION – www.OPCfOUndAtiOn.Org OPC FOUNDATION – www.OPCfOUndAtiOn.Org OPC FOUNDATION – www.OPCfOUndAtiOn.Org OPC FOUNDATION – www.OPCfOUndAtiOn.Org

Part 4 – Services Part 11 – Historical Access Becoming an OPC Foundation Member is more than just easy! Membership provides Open Open Manufacturer-specific extensions Open Open OPC Unified Architecture – – > 450 members OPC Unified Architecture – > 450 members OPC Unified Architecture – – > 450 members Cooperation of OPC Foundation and PLCopen – > 450 members – Platform-neutral – Platform-neutral Information models of – Platform-neutral – Platform-neutral the best way to stay up-to-date with technology and to reach the community most inter- other organisations Advantages and possibilities of use – All areas of application Secure communication with IEC 62541 OPC UA – All areas of application The universal communication platform – All areas of application Interoperability of the new generation – All areas of application DA AC HA Prog ested in the value and benefits of OPC. With membership comes privileges … for manufacturers and users of – All connections – All connections for standardised information models – All connections – All connections Base services of OPC UA automation, IT or MES products Get Full Access to the workshops and test their products for in- Productivity Productivity Productivity Productivity Contains the basic concepts of UA technology – Industry standard – Industry standard – Industry standard – Industry standard OPC Specifications teroperability. Annual events are hosted in ➞ OPC Unified Architecture brings can also be described completely Cooperation with other ➞ OPC Foundation and PLCopen have com- an OPC UA server address space is defined in ➞ OPC is the interoperability standard for your geographical region in Europe, North OPC UA – Manufacturer-independent – Manufacturer-independent two elementary innovations into with OPC UA. The object-oriented standardisation organi- – Manufacturer-independent bined their technologies to form one platform and the common specification adopted by both- or – Manufacturer-independent – Interoperability – Interoperability – Interoperability – Interoperability secure, reliable and platform-independent America and Japan. OPC Foundation ➞ OPC Unified Architecture is the on which they are used. OPC UA the OPC world. On the one hand, rules according to which the ad- sations was important manufacturer-independent information and com- ganisations. – Reliability – Reliability – Reliability – Reliability information exchange. The OPC specifica- (OPCF) corporate members can add extra new technology generation of the supplements the existing OPC the Microsoft Windows-specif- dress space of an OPC UA server for OPC UA from the munication architecture. The mix of OPC Unified Thus corresponding OPC UA object types are tions define the interface between clients value to their product by applying for the OPC Foundation for the secure, industry standard by important Standardised transport of raw data and pre-processed infor- ic protocol DCOM is replaced is structured and the OPC UA in- beginning Architecture (UA) and IEC 61131-3 is thus the created from declarations of function blocks in Why Join the OPC Foundation? and servers, as well as servers and servers, highest quality logo awarded by the OPCF. reliable and vendor-neutral trans- characteristics such as platform communication Collaboration mation from the manufacturing level into the pro- Collaboration by open, platform-independent terface for accessing it are thereby Collaboration future-safe basis for the realisation of automation the PLC and corresponding OPC UA objects Collaboration for different fields of applications, includ- The OPCF certifies products in independ- port of raw data and pre-pro- independence, scalability, high via internet and – Device Integration duction planning or ERP system. – Device Integration protocols with integrated secu- kept so general that OPC UA can This simple extensibility by in- – Device Integration tasks. from instances of the function blocks. – Device Integration ing access to real-time data, monitoring ent test facilities in Europe and in North cessed information from the man- availability and Internet capability. via firewalls – IEC 61131-3 / PLCopen With OPC UA, all desired information is available – IEC 61131-3 / PLCopen rity mechanisms. On the other, be regarded as a network-capa- formation models makes OPC – IEC 61131-3 / PLCopen The objective is to increase the reusability of con- – IEC 61131-3 / PLCopen WHY JOIN THE OPC FOUNDATION (OPCF)? – Analyzer Device Integration – Analyzer Device Integration UA very interesting for other – Analyzer Device Integration – Analyzer Device Integration of alarms and events, access to historical America. (See reverse side for a full explanation ufacturing level into the production OPC UA is no longer based on to every authorised application and every autho- the proven OPC features, such ble programming language. OPC troller- and visualisation modules and their com- BEnEfitS – ISA-95, ISA-88 – ISA-95, ISA-88 standardisation organisations. – ISA-95, ISA-88 – ISA-95, ISA-88 data and other applications. of corporate membership classes.) planning or ERP system. With DCOM, but has been conceived ➞ OPC UA uses an rised person at any time and in any place. This as Data Access, Alarms & Events UA only becomes specialised for munication and thus to considerably increase ef- This results in the advantage that a control pro- 1. Obtain full access to new OPC Specification – MTConnect – MTConnect They only have to define which – MTConnect – MTConnect and the security model, and contains abstract optimized TCP-based UA As an OPC Foundation corporate mem- Why certify? Objective certification test- Release Candidates and latest technology OPC UA, all desired information is on the basis of a service-oriented – Smard Grid function is independent of the manufacturer from – Smard Grid and Historical Data Access, are automation technology through information is to be exchanged, – Smard Grid ficiency in the engineering process. gram, regardless of the controller on which it is – Smard Grid binary protocol for data ex- Part 5 – Information Model ber, you get complete and early access to ing by the independent test lab guarantees enhancements as well as new features. available to every authorised appli- architecture (SOA). OPC UA can – Field Device Integration which the applications originate, the program- – Field Device Integration summarised in an object-oriented specific information models such but no longer how the informa- – Field Device Integration executed and the OPC UA server via which the – Field Device Integration change; Web Services and the OPC specifications before the general that your products comply with the OPC cation and every authorised per- therefore be ported very easily. – EDDL and FDT ming language in which they were developed or – EDDL and FDT model and supplemented by new as Data Access, Alarms & Condi- tion must be exchanged. Be- – EDDL and FDT OPC UA fOr iEC 61131-3 (PLCOPEn) data is accessed, is always implemented in the – EDDL and FDT 2. Actively participate in Working Groups, drive HTTP are additionally sup- fore the start of the OPC UA public. You can even join working groups specifications, interoperate with third-party technology forward and influence the tech- son at any time and in any place. Today, OPC UA already forms ported. It is sufficient to the operating system on which they are used. and powerful features, such as tions, Historical Access and Pro- The IEC 61131-3 standard defines various pro- same structure of objects in the address area. For specification, this was one of and engage in the development of ongoing products, and have passed reliability, us- nology with your requirements, ideas and This function is independent of the the bridge between the Enterprise open up just a single port in OVErViEw Of OPC UA On the basis of a service-orientated architecture methods and type systems. As a grams. For these information mod- gramming languages and a software model for UA clients, this results in always identical UA ac- AddrESS: AddrESS: the most important require- AddrESS: AddrESS: specifications. ability and robustness testing. know how. manufacturer from which the ap- level down to embedded automa- a firewall. Integrated secu- ➞ OPC Unified Architecture (OPC UA) is the new (SOA), OPC UA forms the bridge between the result, not only can the OPC inter- els, there is no longer any need to the programming of control systems. The imple- cess at the semantic level. ■ ments that OPC UA as a uni- plications originate, the program- tion components – independent of rity mechanisms ensure se- technology generation of the OPC Foundation company management level and embedded au- face be directly integrated into sys- extend the basis and the protocols mentation of this IEC61131-3 software model on 3. Get free use of OPCF test tools that support OPC Foundation OPC Foundation versal communication platform OPC Foundation OPC Foundation cure communication via the Get hands on Tools that Connect with the OPC Community you in development of high quality products ming language in which they were Microsoft-, UNIX- or other operat- 16101 N. 82nd Street for the secure, reliable and manufacturer-neutral tomation components. ■ 16101 N. 82nd Street tems on arbitrary platforms with or the programming interfaces. ■ and IEC standard can form a 16101 N. 82nd Street 16101 N. 82nd Street Internet. support your development ➞ With almost 500 member companies, and speed up development and testing. developed or the operating system ing systems. ■ Suite 3B Suite 3B different programming languages, basis for other standards. Suite 3B Suite 3B ➞ OPC Foundation corporate members the OPC Foundation is the world’s lead- Scottsdale, AZ 85260-1868 Scottsdale, AZ 85260-1868 but arbitrary complex systems Scottsdale, AZ 85260-1868 Scottsdale, AZ 85260-1868 description of UA meta model and UA services, 4. Certify products at an accredited, independ- USA USA USA USA can use and redistribute the OPC Founda- ing community for interoperability solutions Utility Type Specification Parts ent Certification Lab in your region. Certifica- tion deliverables, common components, based on the OPC specifications. tion logo adds substantial value to your prod- communication stacks and shared appli- All OPC Foundation members—includ- uct and is demanded in many open tenders. COntACt: Secure concepts COntACt: COntACt: COntACt: cations. Members also have access to the ing corporate, end-user and non-voting 5. Participate in promotion and marketing Phone: (1) 480 483-6644 Phone: (1) 480 483-6644 Phone: (1) 480 483-6644 OPC UA – interoperability at the semantic level Phone: (1) 480 483-6644 OPC Compliance Test Tools (CTTs) to en- members—can proudly display the OPC events, get your company and product Security was a central requirement in the development of OPC UA. it is addressed in various areas: Fax: (1) 480 483-7202 Fax: (1) 480 483-7202 OPC UA – Standardised communication acc. to IEC 62541 Fax: (1) 480 483-7202 Fax: (1) 480 483-7202 sure your OPC products meet the appro- Foundation logo and the OPC Founda- shown on exhibitions, road shows and [email protected] [email protected] [email protected] COMPAniES PArtiCiPAting COMPAniES PArtiCiPAting [email protected] priate specifications. tion Member logo. For the OPC technol- events, get your company profile and prod- OPC Unified Architecture – Standardised communication in tHE SPECifiCAtiOn in tHE dEMO Corporate members can list OPC- ogy suppliers, the OPC Foundation offers ucts listed on the OPCF website. AUtHEntiCAtiOn And AUtHOriSAtiOn Of intEgrity OPC UnifiEd ArCHitECtUrE COMPAniOn group of OPC members within the OPC Foundation infOrMAtiOn: infOrMAtiOn: infOrMAtiOn: infOrMAtiOn: ➞ Part 6 – Service Mappings compliant products in the interactive OPC a complete marketing program, including 6. Participate in Interoperability Workshops USErS The signing of messages prevents a third party SPECifiCAtiOnS which defines an information model for special also contains the concrete UA information model Product Guide on the OPC Foundation a newsletter, web site and educational (IOP) and test your product against others. PrOtECtiOn AgAinSt UnAUtHOriSEd dAtA SECUrity And rELiABiLity www.opcfoundation.org ➞ On establishing a connection, the user identifies from changing the contents of a message. www.opcfoundation.org ➞ OPC UA consists of a list of specifications for the branches of industry or areas of application. www.opcfoundation.org www.opcfoundation.org web site at www.opcfoundation.org events. For the OPC end-user community, dAtA ACCESS ➞ OPC UA defines a robust architecture with reliable himself via This prevents, for example, a write statement to basic functions and the information models based The specification OPC UA for Analyzer Devices (ADI) 7. Connect with the OPC developer and user membership offers you the chance to col- ➞ The OPC UA technology uses a mature security communication mechanisms, configurable timeouts, • X.509 certificates open a switch being falsified by a third party and the on them, such as Data Access and Alarms & Condi- was created in this way on the basis of customer community. Certify Your Products for Compliance laborate with the OPC developer commu- concept to ensure protection against unauthorised automatic error detection and recovery mechanisms. • User name / password switch being closed instead. tions. Specifications that define further information requirements. Another possibility is a common work- ➞ OPC members can participate in IOP nity to build best-in-class solutions. ■ access or sabotage of process data and as well The communication connections between OPC UA • or Kerberos models beyond that are called Companion Specifi- ing group with one or more other organisations with SECUrity ALrEAdy AVAiLABLE Part 12 – Discovery against errors due to careless operation. The OPC clients and servers can be monitored. OPC UA offers Thus all common user administration systems such cations. the objective of defining an OPC UA information COMPAniOn UA security concept is based on World Wide Web redundancy features that can be applied to server as Microsoft Active Directory are supported. model for a standard outside the OPC Foundation. ➞ X509 certificates SPECifiCAtiOnS THE OPC FOUNDATION IS … COMMUNITY: COMPLIANCE: COLLABORATION: standards and encompasses options for user au- and client applications to prevent loss of data and to ➞ OpenSSL encryption Furthermore, the access rights (for example for the HOw ArE COMPAniOn SPECifiCAtiOnS The information model OPC UA for IEC 61131-3 was ➞ The world’s leading community ➞ The official source for the ➞ The collaboration with other or- thentication, the signing of messages and the en- implement highly available systems. ■ ➞ User / password reading and writing of values) can be specified in a CrEAtEd? created in this way with PLCopen. ■ ➞ OPC UA for Devices for interoperability solutions based OPC Certification Program, ensur- ganizations advances the adoption cryption of the transmitted user data. ➞ Access rights for each fine-grained manner per user. ➞ OPC UA Companion Specifications are devel- ➞ OPC UA for Analyzer Devices and protocol mappings, plus the concept of pro- on OPC specifications that deliver ing OPC products plug and play in and use cases of OPC based attribute oped in various ways. One possibility is a working ➞ OPC UA for IEC 61131-3 universal connectivity. real-world applications. products. Part 7 – Profiles files for scalability Part 13 – Aggregates OPC Foundation OPC UA Security Collaboration Collaboration Membership Overview Overview PLCopen ➞ 2. Access Type Specifications: Benefits Contains the information model extension for the IEC Number Release Date OPC UA Specification Titel typical UA access types DA, A&C, HA and Pro- All flyers are available in English, German, French, Spanish, Italian. grams IEC/TR 62541-1 February 2010 OPC Unified Architecture – Part 1: Overview and Concepts

IEC/TR 62541-2 February 2010 OPC Unified Architecture – Part 2: Security Model ➞ 3. Utility Type Specifications:

IEC 62541-3 July 2010 OPC Unified Architecture – Part 3: Address Space Model Contains additional concepts for finding UA enabled components and endpoints in and across IEC 62541-4 October 2011 OPC Unified Architecture – Part 4: Services networks, and contains the description for aggre- Recomended Literature IEC 62541-5 October 2011 OPC Unified Architecture – Part 5: Information Model gates and calculation methods to be applied on OPC OPC historical values IEC 62541-6 October 2011 OPC Unified Architecture – Part 6: Mappings From Data Access to Unified Unified Architecture Architecture IEC 62541-7 July 2012 OPC Unified Architecture – Part 7: Profiles

IEC 62541-8 October 2011 OPC Unified Architecture – Part 8: Data Access ISBN 978-3-8007-3217-3 ISBN: 978-3-5406-8898-3

IEC 62541-9 July 2012 OPC Unified Architecture – Part 9: Alarms and conditions

IEC 62541-10 July 2012 OPC Unified Architecture – Part 10: Programs IEC 62541 Standard – Every OPC UA core specification is also available as open IEC 62541 standard. 28

Headquarters / USA OPC Foundation 16101 N. 82nd Street Suite 3B Scottsdale, AZ 85260-1868 Phone: (1) 480 483-6644 [email protected]

OPC Europe Eiserstrasse 5 33415 Verl Germany [email protected]

OPC Japan c/o Microsoft Japan Co., Ltd 2-16-3 Konan Minato-ku, Tokyo 1080075 Japan [email protected]

OPC China A-807, Jia Hao International Center, No 116 Zizhuyuan Road, Haidian District Beijing, 100097 P.R.China [email protected] www.opcfoundation.org