The following sub-clauses define OPENSCS Facets that, when implemented, are used to add additional functionality to the basic OPENSCS functionality.

The OPENSCS Security Server Facet defined in Table 72 includes ConformanceUnits for Servers that are not included in other OPC UA defined Facets and Profiles. This Facet is required to meet the security requirements of OPENSCS.

Table 72 – OPENSCS Security Server Facet Definition

Security Conformance Unit

Defined in

Optional / Mandatory

OPC UA Authority Profile

OPC 10000-7

M

Security Time Synch – NTP / OS Based support

OPC 10000-7

M

Security Administration

OPC 10000-7

M

Security Role Server Restrict Applications

OPC 10000-7

M

Security Role Server Restrict Endpoints

OPC 10000-7

M

Security Role Server Role Permissions

OPC 10000-7

M

Security Role Server Authorization

OPC 10000-7

M

OPENSCS security requirements mandate that the session shall always be authenticated. The use of endpoints enabling the security policy SECURITY_POLICY_NONE is not allowed.

The OPENSCS Security Client Facet defined in Table 73 includes Conformance Units for Clients that are not included in other OPC UA defined Facets and Profiles. This Facet is required to meet the security requirements of OPENSCS.

Table 73 – OPENSCS Security Client Facet Definition

Security Conformance Unit

Defined in

Optional / Mandatory

OPC UA Authority Profile

OPC 10000-7

M

Security Time Synch – NTP / OS Based support

OPC 10000-7

M

Security Default Application Instance Certificate

OPC 10000-7

M

Security Policy Required

OPC 10000-7

M

Authorization Service Client

OPC 10000-7

M

OPENSCS security requirements mandate that the session shall always be authenticated. The use of the security policy SECURITY_POLICY_NONE is not allowed.