The SecurityGroupFolderType is formally defined Table 176.

Table 176– SecurityGroupFolderType definition

Attribute

Value

BrowseName

SecurityGroupFolderType

IsAbstract

False

References

NodeClass

BrowseName

DataType

TypeDefinition

ModellingRule

Subtype of FolderType defined in OPC 10000-5.

Organizes

Object

<SecurityGroupFolderName>

SecurityGroup FolderType

OptionalPlaceholder

HasComponent

Object

<SecurityGroupName>

SecurityGroupType

OptionalPlaceholder

HasComponent

Method

AddSecurityGroup

Defined in 8.5.2.

Mandatory

HasComponent

Method

RemoveSecurityGroup

Defined in 8.5.3.

Mandatory

HasComponent

Method

AddSecurityGroupFolder

Defined in 8.5.4.

Optional

HasComponent

Method

RemoveSecurityGroupFolder

Defined in 8.5.5.

Optional

HasProperty

Variable

SupportedSecurityPolicyUris

String[]

PropertyType

Optional

Conformance Units

PubSub Model SKS

The SecurityGroupFolderType ObjectTypeis a concrete type and can be used directly.

Instances of the SecurityGroupFolderType can contain SecurityGroup Objectsor other instances of the SecurityGroupFolderType. This can be used to build a tree of folderObjectsused to organize the configured SecurityGroups.

The SecurityGroup Objectsare added as components to the instance of the SecurityGroupFolderType. A SecurityGroup Object is referenced only from one folder. If the folder is deleted, all referenced SecurityGroup Objectsare deleted with the folder.

The SupportedSecurityPolicyUris Propertycontains a Stringarray with the SecurityPolicyUrissupported by the SKS. The Property shall be provided at the root SecurityGroupFolder. The default SecurityPolicyUriis the first array element.

This Methodis used to add a SecurityGroupType Objectto the SecurityGroupFolderType Objector to return an existing Objectif the parameters match the configuration of an existing Object.

The Clientshall be authorized to modify the configuration for the SKSfunctionality and shall use at least a signed communication channel when invoking this Methodon the Server.

Signature

AddSecurityGroup(

[in]StringSecurityGroupName,

[in]DurationKeyLifetime,

[in]StringSecurityPolicyUri,

[in]UInt32MaxFutureKeyCount,

[in]UInt32MaxPastKeyCount,

[out]StringSecurityGroupId,

[out]NodeIdSecurityGroupNodeId

);

Argument

Description

SecurityGroupName

Name of the SecurityGroupto add.

KeyLifetime

The lifetime of a key in milliseconds.

If 0 is passed in, the SKS sets the default KeyLifetime. If the requested value exceeds the limits defined by the SKS, the value is adjusted by the SKS. The caller should get the revised value by reading the KeyLifetimeof the created SecurityGroup.

SecurityPolicyUri

The SecurityPolicyused for the SecurityGroup.

If a null or empty Stringis passed in, the SKS sets the default SecurityPolicyUri. If the SecurityPolicyUriis not known to the SKS, Bad_InvalidArgument shall be returned.

MaxFutureKeyCount

The maximum number of future keys returned by the Method GetSecurityKeys.

If 0 is passed in, the SKS sets the default MaxFutureKeyCount. If the requested value exceeds the limits defined by the SKS, the value is adjusted by the SKS. The caller should get the revised value by reading the MaxFutureKeyCountof the created SecurityGroup.

MaxPastKeyCount

The maximum number of historical keys stored by the SKS.

If the requested value exceeds the limits defined by the SKS, the value is adjusted by the SKS. The caller should get the revised value by reading the MaxPastKeyCountof the created SecurityGroup.

SecurityGroupId

The identifier for the SecurityGroup. The SecurityGroupIdshall match the SecurityGroupName.

SecurityGroupNodeId

The NodeIdof the added SecurityGroupType Object.

Method Result Codes

ResultCode

Description

Bad_NodeIdExists

A SecurityGroupwith the name already exists but the arguments do not match the existing object.

Good_DataIgnored

A Objectwith the configuration already exists and was returned without adding a new Object.

Bad_InvalidArgument

The SecurityPolicyUriis not supported by the SKS.

Bad_UserAccessDenied

The Sessionuser is not allowed to configure the object.

Bad_SecurityModeInsufficient

The communication channel is not using signing.

Table 177specifies the AddressSpacerepresentation for the AddSecurityGroup Method.

Table 177– AddSecurityGroup Method AddressSpace definition

Attribute

Value

BrowseName

AddSecurityGroup

References

NodeClass

BrowseName

DataType

TypeDefinition

ModellingRule

HasProperty

Variable

InputArguments

Argument[]

PropertyType

Mandatory

HasProperty

Variable

OutputArguments

Argument[]

PropertyType

Mandatory

ConformanceUnits

PubSub Model SKS

This Methodis used to remove a SecurityGroupType Objectfrom the SecurityGroupFolderType Object.

The Clientshall be authorized to modify the configuration for the SKSfunctionality and shall use at least a signed communication channelwhen invoking this Methodon the Server.

See 8.3.2for details on the lifetime of keys previously issued for this SecurityGroup.

Signature

RemoveSecurityGroup(

[in]NodeIdSecurityGroupNodeId

);

Argument

Description

SecurityGroupNodeId

NodeIdof the SecurityGroupType Object to remove from the Server

Method Result Codes

ResultCode

Description

Bad_NodeIdUnknown

The SecurityGroupNodeIdis unknown.

Bad_NodeIdInvalid

The SecurityGroupNodeIdis not a NodeIdof a SecurityGroupType Object.

Bad_UserAccessDenied

The Sessionuser is not allowed to delete the SecurityGroupType Object.

Bad_SecurityModeInsufficient

The communication channel is not using signing.

Table 178specifies the AddressSpacerepresentation for the RemoveSecurityGroup Method.

Table 178– RemoveSecurityGroup Method AddressSpace definition

Attribute

Value

BrowseName

RemoveSecurityGroup

References

NodeClass

BrowseName

DataType

TypeDefinition

ModellingRule

HasProperty

Variable

InputArguments

Argument[]

PropertyType

Mandatory

ConformanceUnits

PubSub Model SKS

This Methodis used to add a SecurityGroupFolderType Objectto a SecurityGroupFolderType Object.

The Clientshall be authorized to modify the configuration for the PubSubfunctionality when invoking this Methodon the Server.

Signature

AddSecurityGroupFolder(

[in]StringName,

[out]NodeIdSecurityGroupFolderNodeId

);

Argument

Description

Name

Name of the Objectto create.

SecurityGroupFolderNodeId

NodeIdof the created SecurityGroupFolderType Object.

Method Result Codes

ResultCode

Description

Bad_BrowseNameDuplicated

A folder Objectwith the name already exists.

Bad_InvalidArgument

The Serveris not able to apply the Name. The Namemay be too long or may contain invalid characters.

Bad_UserAccessDenied

The Sessionuser is not allowed to add a folder.

Table 179specifies the AddressSpacerepresentation for the AddSecurityGroupFolder Method.

Table 179– AddSecurityGroupFolder Method AddressSpace definition

Attribute

Value

BrowseName

AddSecurityGroupFolder

References

NodeClass

BrowseName

DataType

TypeDefinition

ModellingRule

HasProperty

Variable

InputArguments

Argument[]

PropertyType

Mandatory

HasProperty

Variable

OutputArguments

Argument[]

PropertyType

Mandatory

ConformanceUnits

PubSub Model SKS

This Methodis used to remove a SecurityGroupFolderType Objectfrom the parent SecurityGroupFolderType Object.

A successful removal of the SecurityGroupFolderType Objectremovesrecursively all contained SecurityGroupType Objectsand all containedSecurityGroupFolderType Objects.

The Clientshall be authorized to modify the configuration for the PubSubfunctionality when invoking this Methodon the Server.

Signature

RemoveSecurityGroupFolder (

[in]NodeIdSecurityGroupFolderNodeId

);

Argument

Description

SecurityGroupFolderNodeId

NodeIdof the SecurityGroupFolderType Objectto remove from the Server.

Method Result Codes

ResultCode

Description

Bad_NodeIdUnknown

The SecurityGroupFolderNodeIdis unknown.

Bad_UserAccessDenied

The Sessionuser is not allowed to delete the folder.

Table 180specifies the AddressSpacerepresentation for the RemoveSecurityGroupFolder Method.

Table 180– RemoveSecurityGroupFolder Method AddressSpace definition

Attribute

Value

BrowseName

RemoveSecurityGroupFolder

References

NodeClass

BrowseName

DataType

TypeDefinition

ModellingRule

HasProperty

Variable

InputArguments

Argument[]

PropertyType

Mandatory

ConformanceUnits

PubSub Model SKS