EasyManuals Logo

Siemens SIMATIC ET 200SP Function Manual

Siemens SIMATIC ET 200SP
362 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #151 background imageLoading...
Page #151 background image
OPC UA communication
9.2 Security at OPC UA
Communication
150 Function Manual, 11/2019, A5E03735815-AH
Signing
The signature makes it possible to prove the integrity and source of a message as detailed
below.
Signing starts with the sender creating a hash value from the plain text (plain text message).
The sender then encrypts the hash value with its private key and subsequently transfers the
plain text together with the encrypted hash value to the recipient. To verify the signature, the
recipient needs the public key of the sender (this is contained in the X509 certificate of the
sender). The recipient uses the sender's public key to decrypt the hash value received. The
recipient then forms the hash value themselves from the plain text received (the hash
process is contained in the sender's certificate). The recipient compares the two hash
values:
If the two hash values are identical, the plain text message has reached the receiver
unchanged and has not been manipulated.
If the two hash values do not match, the plain text message has not reached the receiver
unchanged. The plain text message has been manipulated or has been distorted during
transfer.
Encryption
Encrypting data prevents unauthorized parties from reading the content. X509 certificates
are not encrypted; they are public and can be viewed by anyone.
Encryption involves the sender encrypting the plain text message with the public key of the
recipient. To do so, the sender requires the recipient's X509 certificate, as it contains the
public key of the recipient. The recipient decrypts the message with their private key. Only
the recipient can decrypt the message: They alone hold the private key. The private key
must therefore never be disclosed.
Secure channel
OPC UA uses the private and public key of client and server to establish a secure
connection, the secure channel. Once the secure connection has been established, the
client and server generate an internal key only known to them which they both use for
signing and encrypting messages. This symmetric process (a shared key) is much faster
than asymmetric processes (private and public key).
See also
Creating self-signed certificates (Page 152)
Certificates with OPC UA (Page 151)
Secure Communication (Page 34)
Using certificates with TIA Portal
(https://support.industry.siemens.com/cs/ww/en/view/109769068
)

Table of Contents

Other manuals for Siemens SIMATIC ET 200SP

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Siemens SIMATIC ET 200SP and is the answer not in the manual?

Siemens SIMATIC ET 200SP Specifications

General IconGeneral
System TypeDistributed I/O System
MountingDIN Rail
Communication ProtocolPROFINET, PROFIBUS
IP RatingIP20
CategoryI/O Systems
Supply Voltage24 V DC
ModularityYes
Hot SwappingYes
Storage Temperature-40°C to +70°C
Digital InputsYes
Digital OutputsYes
Analog InputsYes
Analog OutputsYes
Communication InterfacePROFINET, PROFIBUS
Number of ModulesUp to 64
Relative Humidity5 to 95% (non-condensing)
Operating Temperature-25°C to +60°C

Related product manuals