OPC UA communication
9.1 What you need to know about OPC UA
Communication
Function Manual, 11/2019, A5E03735815-AH
129
Standard and global discovery profiles
The "OPC UA Specification Part 7" defines additional profiles:
● The "Standard 2017 UA Server Profile", which is suitable for PC-based OPC UA servers
● 2 global profiles, "Global Discovery Server 2017 Profile" and "Global Discovery and
Certificate Management 2017 Server Profile", that cover the required service and
information models of a Global Discovery Server
Type-instance concept
OPC UA offers a fully networked (full-meshed network), object-oriented information model
for namespaces, including metadata for the object description. Any object structures can be
generated via referencing of the instances among each other and their types. Because
servers disclose their instance and type systems, clients can navigate through this network
and obtain all the information they need. Both instances and their type definitions are
available in runtime.
Procedures or concepts on how to handle references to types are optimized over time.
These optimizations lead to new versions of the OPC UA Specification (e.g. V1.03 =>
V1.04).
PLC tag mapping
The information of the OPC UA server (for example the PLC tags) is modeled as nodes
connected to one another via references. The semantics are displayed by the server in the
address space and can be acquired by clients (while navigating). This makes it possible to
browse from node to node with an OPC UA client and find out what content can be read,
monitored or written.
Integrated security mechanisms
OPC UA uses security mechanisms at various levels:
● A secure connection can only be established between an OPC UA server and an OPC
UA client if the client and server can register with X.509-v3 certificates and accept each
other's certificates (security at the application level). Various security policies are
possible, including an unsecured connection between server and client (Security Policy:
"No security").
● A server can always request the following information from the user for authorized access
(authentication):
- A user certificate (not configurable in STEP 7)
- User name and password
- No user authorization
The security mechanisms are optional and configurable.
See also
OPC Foundation (https://opcfoundation.org)
To Next Page
Loading...
Need help?
General
