UA Part 14: PubSub - 6.2.12.2 SecurityGroupDataType

This Structure DataType is used to represent the configuration of a SecurityGroup in a PubSub configuration of an OPC UA Application.

If the SecurityPolicyUri or the KeyLifetime of an existing SecurityGroup are modified, all existing keys of the SecurityGroup are invalidated. The behaviour is described for the InvalidateKeys Method in 8.4.2.

The SecurityGroupDataType is formally defined in Table 89.

Table 89 – SecurityGroupDataType structure

Name	Type	Description
SecurityGroupDataType	Structure
Name	String	Name of the SecurityGroup.
SecurityGroupFolder	String[]	Optional path of the SecurityGroupFolders used to group SecurityGroups where each entry in the String array represents one level in a folder hierarchy. If no grouping is needed the parameter is a null or empty String array.
KeyLifetime	Duration	The lifetime of a key in milliseconds. If the last available key expires and the Publisher does not receive a new key in two times the KeyLifetime it shall go into Error state and shall stop sending messages secured with the expired key. If a Subscriber receives messages for a key longer than two times the KeyLifetime it shall stop processing messages with the expired key.
SecurityPolicyUri	String	The SecurityPolicy used for the SecurityGroup.
MaxFutureKeyCount	UInt32	The maximum number of future keys returned by the Method GetSecurityKeys.
MaxPastKeyCount	UInt32	The maximum number of historical keys stored by the SKS.
SecurityGroupId	String	The identifier for the SecurityGroup. The SecurityGroupId shall match the Name field.
RolePermissions	RolePermissionType[]	The permissions that apply to the security key access through GetSecurityKeys for the SecurityGroup.
GroupProperties	KeyValuePair[]	Specifies additional properties for the security group.

Table 90 – SecurityGroupDataType definition

Attributes	Value
BrowseName	SecurityGroupDataType
IsAbstract	False
Subtype of Structure defined in OPC 10000-5.
Conformance Units
PubSub Parameters Configuration2