The OPC UA specification describes Audit Eventsthat are to be generated and the information that these Audit Eventsinclude as a minimum, however, the specification does not describe how these Audit Eventsare handled once they are generated. Audit Eventscan be subscribed to by multiple Audittracking systems or logging systems. The OPC UA specification does not describe these systems. It is assumed that any number of vendor provided systems could provide this functionality. As a best practice whatever system is used to store and manage, Audit Eventsshould ensure the following:

  • That Audit Eventsare not tampered with once they are received.
  • The Subscriptionfor Audit Eventsshould be via a Secure Channelto ensure they are not tampered with while in transition.
  • ForClientsthat log audit events; it is recommended that the logged audit events be persisted in such a manner that the audit events can be authenticated and linked to the original transaction.

An Auditevent management system could have additional requirements based on the site CSMS.