See 4.3.6 for a description of this threat.

OPC UA uses SessionIds, SecureChannelIds, Timestamps, sequence numbers and RequestIds for every request and response Message. Messages are signed and cannot be changed without detection; therefore, it is not possible to replay a Message without the replay being detected and rejected. The Messages that establish a SecureChannel or Session carry the same signature, timestamps and sequence number that are part of all Messages and thus cannot be replayed either.

OPC UA PubSub uses PublisherIds, DataSetWriterIds, Timestamps, network message numbers and sequence numbers in published Messages. Signing of Messages is optional; when Messages are signed, they cannot be changed without detection, so PubSub can be configured such that replay of a Message is not possible. Note that PubSub allows fields in a Message to be disabled. Disabling the Timestamp, network message number and sequence number could allow replay attacks. If replay attacks are a concern in a CSMS, these fields need to be enabled.
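The effect of disabling the PubSub replay-protection fields, as an added example that is not part of the specification: a simplified subscriber-side model, not the OPC UA wire format. The HMAC key, the JSON field encoding, the 5-second freshness window and the names `publish`, `Subscriber` and `demo` are assumptions made for illustration.

```python
import hashlib, hmac, json

KEY = b"constructed-demo-key"  # constructed sample key, not real OPC UA key material
MAX_AGE_S = 5.0                # assumed freshness window in seconds

def _mac(fields):
    body = json.dumps(fields, sort_keys=True).encode()
    return hmac.new(KEY, body, hashlib.sha256).hexdigest()

def publish(**fields):
    """Publisher side: sign whichever fields are enabled in the message."""
    return {"fields": fields, "sig": _mac(fields)}

class Subscriber:
    def __init__(self):
        # (PublisherId, DataSetWriterId) -> highest sequence number accepted so far
        self.last_seq = {}

    def accept(self, msg, now):
        f = msg["fields"]
        if not hmac.compare_digest(_mac(f), msg["sig"]):
            return "reject: bad signature"
        # Replay checks can only use fields the publisher left enabled.
        if "Timestamp" in f and abs(now - f["Timestamp"]) > MAX_AGE_S:
            return "reject: stale timestamp"
        if "SequenceNumber" in f:
            source = (f["PublisherId"], f["DataSetWriterId"])
            # Sample assumes no sequence-number rollover.
            if f["SequenceNumber"] <= self.last_seq.get(source, -1):
                return "reject: replayed sequence number"
            self.last_seq[source] = f["SequenceNumber"]
        return "accept"

def demo():
    ids = {"PublisherId": 7, "DataSetWriterId": 1, "Value": "open"}  # constructed sample
    full = publish(Timestamp=100.0, SequenceNumber=41, **ids)
    bare = publish(**ids)  # Timestamp and SequenceNumber disabled
    tampered = {"fields": dict(full["fields"], Value="close"), "sig": full["sig"]}
    sub = Subscriber()
    return {
        "full_first": sub.accept(full, now=100.5),
        "full_replay": sub.accept(full, now=101.0),
        "tampered": sub.accept(tampered, now=101.0),
        "replay_after_restart": Subscriber().accept(full, now=500.0),
        "bare_first": sub.accept(bare, now=102.0),
        "bare_replay": sub.accept(bare, now=9999.0),
    }

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

The signature alone stops modification but not resending: the message without Timestamp and SequenceNumber verifies every time it arrives, while the full message is rejected on replay, including by a subscriber that has lost its sequence state.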

For session-less communication, OPC UA uses Timestamps, sequence numbers and RequestIds for every request and response Message. Messages are signed and cannot be changed without detection; therefore, it is not possible to replay a Message.