Errata exists for this version of the document.
The following sub-clauses reconcile the threats that were described in 4.3 against the OPC UA functions. Compared to the reconciliation with the objectives that will be given in 5.2, this is a more specific reconciliation that relates OPC UA security functions to specific threats. A summary of the reconciliation is available in Table 1.
Table 1 - Security Reconciliation Threats Summary
Attacks |
Authentication |
Authorization |
Confidentiality |
Integrity |
Auditability |
Availability |
Non-Repudiation |
Denial of Service |
|
|
|
|
|
X |
|
Eaves Dropping |
X |
X |
X |
|
|
|
|
Message Spoofing |
|
X |
|
|
|
|
|
Message Alteration |
X |
X |
|
X |
X |
|
X |
Message Replay |
X |
X |
|
|
|
|
|
Malformed Messages |
|
|
|
|
|
X |
|
Server Profiling |
(X) |
(X) |
(X) |
(X) |
(X) |
(X) |
(X) |
System Hijacking |
X |
X |
X |
X |
X |
X |
X |
Rogue Server |
X |
X |
X |
|
X |
X |
|
Compromising User Credentials |
X |
X |
X |
|
|
|
|
Repudiation |
|
|
|
|
|
|
X |