200 result(s) for Server
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 2.1.38 Server: Server software application that implements and exposes the Services specified in this set of specifications
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 2.1.1 AddressSpace: AddressSpace collection of information that a Server makes visible to its Clients. Note 1 to entry: See OPC 10000-3 for a description of the contents and structure ... Server AddressSpace
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 2.1.14 Discovery: Discovery process by which Client obtains information about Servers, including endpoint and security information
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 2.1.18 Message: Message data unit conveyed between Client and Server that represents a specific Service request or response
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 2.1.21 MonitoredItem: MonitoredItem Client-defined entity in the Server used to monitor Attributes or EventNotifiers for new values or Event occurrences and that generates Notifications for them
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 2.1.30 OPC UA Application: Application Client, which calls OPC UA Services, or a Server, which performs those Services, or an OPC UA Publisher or an OPC UA Subscriber
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 2.1.31 Profile: Profile specific set of capabilities to which a Server may claim conformance. Note 1 to entry: Each Server may claim conformance to more than one Profile. Note 2 to entry
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 2.1.37 Secure Channel: Channel in OPC UA, a communication path established between an OPC UA Client and Server that have authenticated each other using certain OPC UA services and for which security parameters
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 2.1.39 Service: Service Client-callable operation in a Server. Note 1 to entry: Services are defined in OPC 10000-4. A Service is similar to a method call in a programming language
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 2.1.41 Session: Session logical long-running connection between a Client and a Server. Note 1 to entry: A Session maintains state information between Service calls from the Client to the Server
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 2.1.43 Subscription: Subscription Client-defined endpoint in the Server, used to return Notifications to the Client. Note 1 to entry: Subscription is a generic term that describes a set of Nodes selected ... Client (1) that the Server periodically monitors for the existence of some condition, and (2) for which the Server sends Notifications to the Client when the condition is detected
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts: Address Space Model Part 3 describes the contents and structure of the Server's AddressSpace. Part 4 (OPC 10000-4) - Services Part 4 specifies the Services provided by Servers. Part ... exposing an alternate well-defined name for any OPC UA Node in a Server or system. Part 18 (OPC 10000-18) - Role-Based Security Part 18 specifies the basic infrastructure
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 4.3 Design goals: provides a consistent, integrated AddressSpace and service model. This allows a single Server to integrate data, Alarms and Events, and history into its AddressSpace, and to provide access to them ... other standard organizations or vendors. Through the AddressSpace, Clients can query the Server for the metadata that describes the format for the data. In many cases, Clients with
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts: authenticated only once, when the application Session is established. The mechanisms for discovering Servers and establishing secure communication channels and application Sessions are described
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 4.4.1.3 Auditing: Auditing OPC UA includes support for security audit trails with traceability between Client and Server audit logs. If a security-related problem is detected at the Server, the associated Client
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts: Integrated AddressSpace model The set of Objects and related information that the Server makes available to Clients is referred to as its AddressSpace. The OPC UA AddressSpace represents its contents ... Nodes are described by Attributes. Attributes are the only elements of a Server that have data values. Data types that define attribute values may be simple or complex. Node
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 4.4.3 Integrated object model: allows data, Alarms and Events, and their history to be integrated into a single Server. For example, Servers are able to represent a temperature transmitter as an Object that
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 4.4.4 Integrated services: also allow Clients to subscribe to Servers for Notifications. Notifications are used by the Server to report occurrences such as Alarms, data value changes, Events, and Program execution results
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 4.5 Sessions: automatically cause the Session to terminate. Sessions terminate based on Client or Server request, or based on inactivity of the Client. The inactivity time interval is negotiated during Session establishment
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts: Servers. Each Client may interact concurrently with one or more Servers, and each Server may interact concurrently with one or more Clients. This model enables Clients to access data, invoke ... Services, and receive Events from Servers. An application can embody both Server and Client functionalities, allowing it to exchange information with other Servers and Clients as described in 5.3.7. Clients
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 5.2 OPC UA Clients: conversion of Client API calls into messages and manages the underlying communication with the Server. The Services defined for OPC UA are described in clause 6, and specified ... calls into Messages and sends them through the underlying communications entity to the Server at the request of the Client application. The OPC UA Communication Stack also receives response
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 5.3.1 General: General The OPC UA Server architecture models the Server endpoint of client/server interactions. Figure 4 illustrates the major elements of the Server and how they relate to each other. Figure ... Server architecture
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 5.3.2 Real objects: Real objects Real objects are physical or software objects that are accessible by the Server application or that it maintains internally. Examples include physical devices (e.g. sensors, actuators, motors
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 5.3.3 Server application: Server application The Server application is the code that implements the function of the Server. It uses the Server API to send and receive OPC UA Messages from Clients. Note ... that the "Server API" is an internal interface that isolates the Server application code from an OPC UA Communication Stack
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 5.3.4.3 AddressSpace Views: subset of the AddressSpace. Views are used to restrict the Nodes that the Server makes visible to the Client, thus restricting the size of the AddressSpace for the Service
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 5.3.4.4 Support for information models: Industry groups can define how their specific information models are to be represented in Server AddressSpace
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 5.3.5.1 MonitoredItems: MonitoredItems MonitoredItems are entities in the Server created by the Client that monitor AddressSpace Nodes and, indirectly, their real-world counterparts. When they detect a data change
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 5.3.5.2 Subscriptions: Subscriptions A Subscription is an endpoint in the Server that publishes Notifications to Clients. Clients control the rate at which publishing occurs by sending Publish Messages
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts: Server to Server interactions Server to Server interactions in the ClientServer model are interactions in which one Server acts as a Client of another Server. Server to Server interactions allow ... Servers together for vertical access to data in an enterprise. Figure 6 - Chained Server example
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 5.4 Redundancy: high availability, fault tolerance and load balancing. OPC 10000-4 formally defines Client, Server and Network Redundancy. Whether and what Redundancy is supported by an OPC UA Application is defined ... Profiles. Profiles are described in OPC 10000-7. Required Client and Server behaviours are associated with two distinct modes of Server Redundancy, transparent and non-transparent. The Client and Server
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts: real-time data. For instance, a Client application might use ClientServer to configure a Server and set up PubSub connections. Subsequently, the Server/Publisher publishes real-time data updates using PubSub ... easily be integrated into Servers and Clients. Quite typically, a Publisher will be a Server (the owner of information) and a Subscriber is often a Client. Above all, the PubSub
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 5.7.1 General: among all Applications in a system. For example, if a system consists of one Server and one or more Clients, it is reasonable for the Server to be configured with ... usernames and passwords of all users that can access the Server. If instead a system has hundreds of Servers, then it becomes unmanageable for each Server to independently store
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 5.7.2 Discovery Services: other OPC UA Applications. For example, a Client application can use a Local Discovery Server (LDS) to find Servers on the local network. In a larger, more complex network ... Global Discovery Server (GDS) might be used to discover Servers across different network segments. The Client sends a Discovery request, and the Discovery Server responds with a list of available
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 5.7.7 Alias Names: often referred to as "Tag Names". When a Node in a Server represents an entity with an assigned Tag Name, the Tag Name is often used ... well-known name called an "alias name" to any Node in a Server and a centralized way to look up that Node by its alias name
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 6.1 General: collection of related Services that enable Clients to access specific aspects of a Server's functionality. The Service Sets and their Services are specified in OPC 10000-4. These Service ... Service Sets and the Services within them depends on the Profiles supported by the Server. Profiles are described
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts: manner in which clients can read the security configuration required for connection to the Server. The Discovery Services are implemented by individual Servers and by dedicated Discovery Servers. Well known
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts: communication channel that ensures the confidentiality and integrity of all Messages exchanged with the Server. The base concepts for UA security are defined in OPC 10000-2. The SecureChannel Services ... SecureChannel is a long-running logical connection between a single Client and a single Server. This channel maintains a set of keys that are known only to the Client
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts, 6.6 View Service Set: View Service Set Views are publicly defined, Server-created subsets of the AddressSpace. The entire AddressSpace is the default View, and therefore, the View Services are capable of operating
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts: Discovery is provided through the browse Services. Clients discover the Methods supported by a Server by browsing for the owning Objects that identify their supported Methods. Because Methods may control
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts: sampling only, or to enable both sampling and reporting. When sampling is enabled, the Server samples the item. In addition, each sample is evaluated to determine if a Notification should
-
OPC-10000-1 – OPC Unified Architecture - Part 1: Overview and Concepts: existence of a Subscription is independent of the Client's Session with the Server. This allows one Client to create a Subscription, and a second, possibly a redundant Client ... renew the lifetime, the lifetime expires and the Subscription is closed by the Server. When a Subscription is closed, all MonitoredItems assigned to the Subscription are deleted. Subscriptions include features
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 3.1.12 Authentication: Authentication process that assures that the identity of an entity such as a Client, Server, Publisher or user can be verified
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 3.1.14 AuthorizationService: AuthorizationService Server which validates a request to access a Resource returns an AccessToken that grants access to the Resource. Note 1 to entry: The AuthorizationService is also called STS (Security
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 3.1.28 Identity Provider: Identity Provider Server which verifies credentials provided by a Security Principal and returns a token which can be passed to an associated Authorization Service
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 3.1.38 Resource: entity which an application accesses. Note 1 to entry: A Resource is usually a Server
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 3.1.40 Role: Role function assumed by a Client when it accesses a Server. Note 1 to entry: A Role could refer to a specific job function such as operator or engineer
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 3.1.41 SecureChannel: ensures the confidentiality and/or integrity of all messages exchanged between a Client and a Server. Note 1 to entry: If the security policy is None, then confidentiality and integrity
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 3.1.43 SecurityKeyService: SecurityKeyService Server that accepts AccessTokens issued by the Authorization Service and returns security keys that can be used to access the specified Resource. Note 1 to entry: The keys
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model: could require different levels of security and different security infrastructure. For example, both Client-Server and Publisher-Subscriber communication is shown in Figure 1. OPC UA also defines global services
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.2.1 Overview: functions. Clause 6 offers additional best practice guidelines to Client and Server developers or those that deploy OPC UA Application
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.2.3 Authorization: coarse-grained as allowing or disallowing a Client to access a Server or it could be much finer grained such as allowing specific actions on specific information items by specific ... granularity of a system depends in part on the functionality supported by the Server, but in general Authorization should be given based on the need-to-know principle
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.3.2.2 Message flooding: Message flooding For Client-Server, an attacker can send a large volume of Messages, or a single Message that contains a large number of requests, with the goal ... overwhelming the OPC UA Server or dependent components such as CPU, TCP/IP stack, operating system, or the file system. Flooding attacks can be conducted at multiple layers including
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.3.2.3 Resource Exhaustion: resulting in a single Client obtaining all resources blocking valid Clients from accessing the Server. For example, on a Server in which only 10 Sessions are available a malicious person ... process. The Client might not even open a Session, just open a socket to the Server. Resource exhaustion attacks do not occur in the same manner for PubSub communications since
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.3.2.4 Application Crashes: system bugs can allow a Client to issue a command that would cause the Server to crash, as an alternate it could be a Server that can respond
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.3.3 Eavesdropping: capture Messages. It could be beyond the capability of a Client or Server to recover from a compromised operating system. Eavesdropping impacts Confidentiality directly and if session establishment
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.3.4 Message spoofing: application, process etc.). An attacker could forge Messages from a Client or a Server or a Publisher where the messages are forged to attempt to appear to be from ... multiple layers in the protocol stack. By spoofing Messages from a Client, a Server or Publisher, attackers can perform unauthorized operations and avoid detection of their activities. Message spoofing
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.3.7 Malformed Messages: send them to OPC UA Clients, Servers or Subscribers. The OPC UA Client, Server or Subscriber could incorrectly handle certain malformed Messages by performing unauthorized operations or processing
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.3.8 Server profiling: Server profiling An attacker tries to deduce the identity, type, software version, or vendor of the Server or Client in order to apply knowledge about specific vulnerabilities of that product ... recognize the type of target by the pattern of its normal and error responses. Server profiling impacts all of the security objectives indirectly. See 5.1.8 for the reconciliation of this
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.3.10 Rogue Server: Rogue Server An attacker builds a malicious OPC UA Server or installs an unauthorized instance of a genuine OPC UA Server in a system. The rogue Server can attempt ... masquerade as a legitimate UA Server or it can simply appear as a new Server in the system. The OPC Client could disclose confidential information. A rogue Server impacts
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.3.12 Rogue Local Discover Server: Rogue Local Discover Server An attacker who builds a malicious Local Discover Server. The malicious Local Discover Server could direct Clients to incorrect Servers, lower the exposed security of listed ... input to a GDS that aggregates information from Local Discovery Servers. A rogue Discovery Server impacts all security objectives except Integrity and Non-Repudiation. See 5.1.11 for the reconciliation
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.5.1 Overview: security objectives are addressed at different levels. The OPC UA security architecture, for Client/Server communication is structured in an Application Layer and a Communication Layer atop the Transport Layer ... shown in Figure 2. Figure 2 - OPC UA security architecture - Client/Server OPC UA also supports a Publish-Subscribe communications architecture (PubSub) and the security architecture for that communication
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.5.2.1 Overview: Overview Client/Server communication can include both Session and session-less communication. Security in part is provided by the application or by the communications layers. It can also utilize transport
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.5.2.2 Session application layer: Session application layer The routine work of a Client application and a Server application to transmit information, settings, and commands is done in a Session in the Application Layer
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.5.2.3 Session communication layer: that is used to secure the communication between a Client and a Server. The SecureChannel provides encryption to maintain Confidentiality, Message Signatures to maintain Integrity and Certificates to provide
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.5.3.2 Broker-less: Symmetric Encryption and signature algorithms. The required SymmetricKeys are distributed by a Security Key Server (SKS) (see OPC 10000-14 for additional details). The SKS makes use of the standard ... Client/Server security described in 4.5.2 to establish application Authentication as well as user Authentication. This approach allows all applications (Publishers and/or Subscribers) in a SecurityGroup to share information
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.6 SecurityPolicies: from a Security Profile (see 4.7 for details). Security policies are used by the Server to announce which mechanisms it supports and by the Client to select which ... policy announcement strategies can be found in OPC 10000-12. In the Client Server communications pattern, each Client can select a policy independent of the policy selected by other Clients
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model: Security Profiles OPC UA Client and Server products are certified against Profiles that are described in OPC 10000-7. Some of the Profiles specify security functions and others specify other
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model: User Authentication User Authentication is achieved when the Client passes user credentials to the Server as specified via Session Services (described in OPC 10000-4). The Server can authenticate
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model: used for applying various security mechanisms to communication between OPC UA Clients and Servers. OPC 10000-4 provides an overview of security in the "Service Behaviours ... about the security policies (see 4.6) and the Certificates of specific OPC UA Servers. The services of the SecureChannel Service Set (specified in OPC 10000-4) are used
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.14.1 General: security audit trails through two mechanisms. First, it provides for traceability between Client and Server audit logs. The Client generates an audit log entry for an operation that includes ... includes the local identifier of the log entry in the request sent to the Server. The Server logs requests that it receives and includes the Client's entry
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.14.2 Single Client and Server: Single Client and Server Figure 7 illustrates the simple case of a Client communicating with a Server. Figure 7 - Simple Servers In this case, OPC Client "A" executes ... some auditable operation that includes the invocation of an OPC UA service in Server "D". It writes its own audit log entry, and includes the identifier of that
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 4.14.3 Aggregating Server: Aggregating Server Figure 8 illustrates the case of a Client accessing services from an aggregating Server. An aggregating Server is a Server that provides its services by accessing services ... service request and the Client audit entry id received in the request. The Server then passes the audit id of the entry it just created to the next Server
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model: Aggregation through a non-auditing Server Figure 9 illustrates the case of a Client accessing services from an aggregating Server that does not support Auditing. Figure 9 - Aggregation with ... auditing Server In this case, each of the Servers receives requests and creates their own audit log entry for them, with the exception of Server "B", which does
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model: Aggregating Server with service distribution Figure 10 illustrates the case of a Client that submits a service request to an aggregating Server, and the aggregating service supports that service ... submitting multiple service requests to its underlying Servers. Figure 10 - Aggregating Server with service distribution In the case of aggregating Servers, a Server would be required to subscribe for Audit
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 5.1.1 Overview: threats. A summary of the reconciliation is available in Table 1. Only eavesdropping and Server profiling require SignAndEncrypt while all other are mitigated with SignOnly. [(X) indicates indirectly]. Table ... Message Alteration X X X X X Message Replay X X Malformed Messages X Server Profiling (X) (X) (X) (X) (X) (X) (X) Session Hijacking
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 5.1.2.2 Message flooding: OpenSecureChannel (specified in OPC 10000-4) are the only services that the Server handles before the Client is authenticated. The response to GetEndpoints is only a set of static information ... Server does not need to do much processing. The response to OpenSecureChannel consumes significant Server resources because of the signature and encryption processing. OPC UA has minimized this processing
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 5.1.2.3 Resource exhaustion: risk of a legitimate Client being used to mount a resource exhaustion attack. Additionally, Server Auditing allows the detection of the Client if a resource exhaustion attack was carried
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 5.1.4 Message spoofing: further restricts Message spoofing. In session-less communication, to counter message spoofing Clients and Server should restrict session-less communication to be over SecureChannels. See 4.5.2.5 and for additional
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 5.1.10 Rogue Server or Publisher: Rogue Server or Publisher See 4.3.10 and 4.3.11 for a description of this threat. OPC UA Client applications counter the use of rogue Servers by validating Server ApplicationInstanceCertificates. There would ... still be the possibility that a rogue Server provides a Certificate from a trusted OPC UA Server, but since it does not possess the appropriate Private Key (because this will
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 5.1.11 Rogue Local Discover Server: Rogue Local Discover Server See 4.3.12 for a description of this threat. OPC UA Client can counter a rogue Discovery Server, by only connecting to Servers that are trusted. This ... protects the Client against malicious Server. The use of a GDS can also mitigate the effect of a compromised Local Discovery Server. A GDS, that aggregates information from Local Discovery
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model: social engineering. The risk from a compromised AuthorizationService can be minimized by restricting Server access in additional manners, such as from specific applications (Clients) or at specific times
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 5.1.13 Repudiation: Repudiation See 4.3.15 for a description of this threat. OPC UA Client and Server applications counter Repudiation by the signing of Messages that are specified
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 5.1.14 Message Suppression: Message Suppression See 4.3.16 for a description of this threat. A Client and Server can counter message suppression by checking the SequenceNumber in the sequence header. A SecureChannel ... required to be closed if a SequenceNumber is missed. This allows both a Server and a Client to detect if a message is suppressed. Both the Server and Client
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 5.1.15 Downgrade Attack: verifying the available communication options once a secure connection is established to the Server. If the list of secure connection provided in activate Session is different from the list provided
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model: GetEndpoints and OpenSecureChannel services in OPC 10000-4, OPC UA Client and Server applications identify and authenticate themselves with X.509 v3 Certificates and associated private keys (X.509 v3 Certificate ... represent the machine or user instead of the application. For publish subscribe communications Client Server communications is required to obtain the shared keys from a SecurityKeyService (SKS). Although the application
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 5.2.3 User Authentication: Client accepts a UserIdentityToken from the user and passes it to the OPC UA Server. The OPC UA Server authenticates the user token. OPC UA Applications accept tokens ... Certificate then this token is validated with a challenge-response process. The Server provides a Nonce and signing algorithm as the challenge in its CreateSession response. The Client responds
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 5.2.4 Authorization: Authorization Authorization could be provided via Roles (4.12) and supplied by an Authorization Server in a GDS. In an environment of mixed vendor products, the GDS can provide a consistent ... Identification and Authentication of users is specified in OPC UA so that Client and Server applications can recognize the user in order to determine the Authorization level of the user
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 5.2.8 Availability: described in 5.1.2. Some attacks on Availability involve opening more Sessions than a Server can handle thereby causing the Server to fail or operate poorly. Servers reject Sessions that exceed
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model: large. Resource consumption: When a Client is idle for long periods of time, the Server keeps the Client's buffered Message or information for that period, leading to resource exhaustion
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 6.10 Program access: functionality that allows for programs to be executed as part of the OPC UA Server. These programs can be used to perform advanced control algorithms or other actions
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model: AccessTokens. These JWTs are passed as an Issued Token to an OPC UA Server which uses the signature contained in the JWT to validate the token. JWT can also provide ... information to the Server regarding the roles associated with the Authenticated user. The enforcement of the roles is the responsibility of the Server
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model, 6.14 Reverse Connect: Reverse Connect Reverse connect allows a Server to initiate the connection to a Client (open the socket sending a HEL message). This results in an additional security concern ... that the Client needs to validate that the connection is from an appropriate Server and not a denial of service attack. The Client follows the process described in Part
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security ModelLeast privilege principle When a Client connects to a Server , the Client should be granted the minimum privileges that it requires to function. In OPC UA a Client can request
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security ModelDiagnostic related issues Diagnostics are an important tool in troubleshooting problems in a Server , Client or system, but it is important that security sensitive information not be provided as part ... system. In addition, diagnostics can provide trace information describing the overall structure of Server . This type of diagnostic shall only be provided to Authenticated Clients
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Modelcontext. Furthermore, in multi-threaded environments, when an ActivateSession request is received by a Server , it should stop processing new Service calls until the Server has completed any user change ... Services like Read or Browse , the Server needs to ensure that any Service call that were issued under the old user context are completed using that context and that
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model7.2 DiscoveryDiscovery Discovery Services can be provided by a Local Discovery Server or by the Server . A Local Discovery Server is used when more than one OPC UA Application could ... available on a single platform. If only one dedicated Server is available on a platform, usually that Server also functions as a Discovery Server . The Local Discovery Server exposes
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Modelnature; they allow rogue Servers to broadcast their presence or impersonate another host or Server . Risks from Rogue Servers can be minimized if OPC UA security is enabled ... TrustLists to control access. Also, Clients should cache connection information, minimizing the lookup of Server information. However, even if you use UA security, multicast DNS should be disabled in environments
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model8.1 OverviewOverview The Global Discovery Server (GDS) is a special OPC UA Server that provides Discovery Services for a plant or entire system. In addition, This Server can include CertificateManager , KeyCredentialService ... There are multiple methods of accessing a GDS: Servers can register with the Discovery Server Clients can query the GDS for available Servers Clients can pull certificates from the CertificateManager
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Model8.2 Rogue GDSwhen dealing with a GDS: It is important that Servers register with the Discovery Server they are configured to register with and that Servers do not blindly register with ... that the Server has not been configured to register with. Servers have to be aware that a Discovery Server could be a rogue Server . A Server registers all endpoints that
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Modelwithout security and is therefore vulnerable to denial of service (DOS) attacks. A Discovery Server should minimize the amount of processing required to send the response for this Service . This ... achieved by preparing the result in advance. The GDS only accepts Server registrations from Servers that are trusted or have appropriate administrative access rights. This will help ensure that
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Modelestablishes a SecureChannel using the highest security level available in the target Server . It does not provide updated CRLs, Certificates or TrustLists via an endpoint that has a lower security ... deployed, it is handled in the same manner as the provisioning of a new Server (see SecurityLevel
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Modelrequired to copy the Public Key associated with all Client applications to all Server applications that they desire communication with. In addition, the administrator would be required to copy ... Public Key associated with all Server applications to all Client applications that communicate with them. As the number of Servers and Clients grows, the administration effort can become too burdensome
-
OPC-10000-2 – OPC Unified Architecture - Part 2: Security Modelelectronic ID which identifies an Operator/User. It can be passed to a Server after the ApplicationInstanceCertificate is used to create a SecureChannel . It can be used to determine access rights
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
standards. This document also defines ReferenceTypes, but ReferenceTypes may also be specified by a Server or by a client using the NodeManagement Services specified in OPC 10000-4. Thus ... column (optional or mandatory) does not imply a specific ModellingRule for Properties. Different Server implementations will choose to use ModellingRules appropriate for them
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
4.2 URIs
NamespaceUris appear in UANodeSets (see OPC 10000-6) and in the NamespaceArray in a Server AddressSpace (see OPC 10000-5); ApplicationUris identify an OPC UA Application running on a particular
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
4.4.1 General
The set of Objects and related information that the OPC UA Server makes available to Clients is referred to as its AddressSpace. The model for Objects is defined
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
4.4.4 References
same AddressSpace or in the AddressSpace of another OPC UA Server. TargetNodes located in other Servers are identified in OPC UA Services using a combination of the remote Server name ... identifier assigned to the Node by the remote Server. OPC UA does not require that the TargetNode exists, thus References may point to a Node that does not exist
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
4.5.2 Properties
Properties are Server-defined characteristics of Objects, DataVariables and other Nodes. Properties differ from Attributes in that they characterise what the Node represents, such as a device ... Nodes of a NodeClass and only defined by this specification whereas Properties can be Server-defined. For example, an Attribute defines the DataType of Variables whereas a Property
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
4.5.3 DataVariables
complex definitions. Following the example introduced by the description of Properties in 4.5.2, the Server could expose "startTime" and "endTime" as separate components of the data
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
4.6.1 General
however, OPC 10000-5 defines a BaseObjectType, a PropertyType, and a BaseDataVariableType so a Server can use such a base type if no more specialised type information is available. Objects ... allow Clients to interpret the TypeDefinitionNode without having to read it from the Server. Therefore, Servers may use well-known NodeIds without representing the corresponding TypeDefinitionNodes in their AddressSpace. However
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
this TypeDefinitionNode. A TypeDefinitionNode and its InstanceDeclarations shall always reside in the same Server. However, instances may point with their HasTypeDefinition Reference to a TypeDefinitionNode in a different Server
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
4.7.1 General
subscribe to the Event Notifications of a Node. Any OPC UA Server that supports eventing shall expose at least one Node as EventNotifier. The Server Object defined ... used for this purpose. Events generated by the Server are available via this Server Object. A Server is not expected to produce Events if the connection to the event source
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
4.7.2 EventTypes
Each Event is of a specific EventType. A Server may support many types. This part defines the BaseEventType that all other EventTypes derive from. It is expected that other ... deriving from the base types defined in this part. The EventTypes supported by a Server are exposed in the AddressSpace of a Server. EventTypes are represented as ObjectTypes
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
4.7.3 Event Categorization
groups by using the Event ReferenceTypes described in 7.16 and 7.18. For example, a Server may define Objects in the AddressSpace representing Events related to physical devices, or Event areas ... plant or functionality contained in the Server. Event References would be used to indicate which Event sources represent physical devices and which ones represent some Server-based functionality. In addition
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
4.8 Methods
class. Methods are invoked by a client, proceed to completion on the Server and return the result to the client. The lifetime of the Method's invocation instance begins when ... Call Service defined in OPC 10000-4. Clients discover the Methods supported by a Server by browsing for the owning Objects References that identify their supported Methods
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
4.9.1 Overview
A Role is a function assumed by a Client when it accesses a Server. Roles are used to separate authentication (determining who a Client is) from authorization (determining what ... tasks Servers can allow centralized services to manage user identities and credentials while the Server only manages the Permissions on its Nodes assigned to Roles. The set of Roles supported
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
Evaluating Permissions with Roles: When a Client attempts to access a Node, the Server goes through the list of Roles granted to the Session and logically ORs the Permissions ... operation are set, then the operation can proceed. If they are not set the Server returns Bad_UserAccessDenied. Roles appear under the Roles Object in the Server Address Space. Each
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
4.10.2 Interface Model
Object (see OPC 10000-5) has been defined so that all Interfaces of the Server are either directly or indirectly accessible browsing HierarchicalReferences starting from this Node. Rules
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.2.2 NodeId
accept alternative NodeIds in addition to the canonical NodeId represented in this Attribute. A Server shall persist the identifierType and identifier NodeId elements of a Node as well ... Namespace Uri which the namespaceIndex NodeId element references. A Server may change the namespaceIndex NodeId element of a Node with future Sessions and therefore a Client shall not assume
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.2.4 BrowseName
Node (e.g. Properties of a Node) although not unique in the context of the Server. If different organizations define BrowseNames for Properties, the namespace of the BrowseName provided ... body although the namespace of the NodeId reflects something else, for example the local Server. Standards bodies defining standard type definitions shall use their namespace(s) for the NodeId
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.2.5 DisplayName
Node to the user. They should not use the BrowseName for this purpose. The Server may maintain one or more localised representations for each DisplayName. Clients negotiate the locale ... returned when they open a session with the Server. Refer to OPC 10000-4 for a description of session establishment and locales. Subclause 8.5 defines the structure of the DisplayName
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.2.7 WriteMask
writeable this may be restricted to a certain user/user group. If the OPC UA Server does not have the ability to get the WriteMask information for a specific Attribute from ... that it is writeable. If a write operation is called on the Attribute, the Server should transfer this request and return the corresponding StatusCode if such a request is rejected
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.2.8 UserWriteMask
Attribute can be written based on the UserWriteMask Attribute. It is possible that the Server may return an access denied error due to some server specific change which
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.2.9 RolePermissions
NamespaceMetadata Object does not define the Property or does not exist, then the Server should not publish any information about how it manages Permissions. If a Server supports Permissions ... particular Node in the Namespace needs to override the default values, the Server adds the RolePermissions Attribute to the Node. The DefaultRolePermissions Property and RolePermissions Attribute shall only be readable
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.2.10 UserRolePermissions
array. The value of this Attribute is derived from the rules used by the Server to map Sessions to Roles. This mapping may be vendor specific ... NamespaceMetadata Object does not define the Property or does not exist, then the Server does not publish any information about Roles mapped to the current Session
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.2.11 AccessRestrictions
that apply to a Node. Its data type is defined in 8.56. If a Server supports AccessRestrictions for a particular Namespace it adds the DefaultAccessRestrictions Property to the NamespaceMetadata Object ... particular Node in the Namespace needs to override the default value the Server adds the AccessRestrictions Attribute to the Node. If a Server implements a vendor specific access restriction model
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.3.2 Attributes
translation of the BrowseName. The BrowseName of a ReferenceType shall be unique in a Server. It is not allowed that two different ReferenceTypes have the same BrowseName. The IsAbstract Attribute
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.4 View NodeClass
defines two additional Attributes. The mandatory ContainsNoLoops Attribute is set to FALSE if the Server is not able to identify if the View contains loops or not. The mandatory EventNotifier ... context of the View. To avoid recursion, i.e. getting all Events of the Server, the Server Object defined in OPC 10000-5 shall never be part of any View since
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.5.2 ObjectType NodeClass
make GeneratesEvent References bidirectional References. However, it is allowed to be unidirectional when the Server is not able to expose the inverse direction pointing from the EventType to each ObjectType
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
defined by its ObjectType dependent on the ModellingRules specified for the components. However, the Server may add additional components and References to the Object and its components that ... defined by the ObjectType. This behaviour is Server dependent. The ObjectType only specifies the minimum set of components that shall exist for each Object of an ObjectType. In addition
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.6.2 Variable NodeClass
Defined by the DataType Attribute The most recent value of the Variable that the Server has. Its data type is defined by the DataType Attribute. It is the only Attribute ... Value of the Variable will be kept. It specifies (in milliseconds) how fast the Server can reasonably sample the value for changes (see OPC 10000-4 for a detailed description
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.6.4 DataVariable
bytes of a String or the text field of a LocalizedText value. If a Server does not impose a maximum number of bytes or is not able to determine ... characters of a String or the text field of a LocalizedText value. If a Server does not impose a maximum number of Unicode characters or is not able to determine
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.6.5 VariableType NodeClass
make GeneratesEvent References bidirectional References. However, it is allowed to be unidirectional when the Server is not able to expose the inverse direction pointing from the EventType to each VariableType
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
defined by its VariableType dependent on the ModellingRules specified for the components. However, the Server may add additional components and References to the Variable and its components that ... defined by the VariableType. This behaviour is Server dependent. The VariableType only specifies the minimum set of components that shall exist for each Variable of a VariableType
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.7.1 Method NodeClass
Method is executable, not taking user access rights into account. If the OPC UA Server cannot get the Executable information from the underlying system, it should state that ... executable. If a Method is called then the Server should transfer this request and return the corresponding StatusCode even if such a request is rejected. StatusCodes are defined
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
5.8.1 DataType Model
allow Clients to interpret values without having to read the type description from the Server. Therefore, Servers may use well-known DataTypeIds without representing the corresponding DataType Nodes in their ... Clients to read, although this information might not always be available to the Server. Figure 18 illustrates the Nodes used in the AddressSpace to describe the structure of a DataType
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
6.4.2 Creating an Instance
which they are instantiated, with the exceptions of the NodeClass and NodeId. When a Server creates an instance of a TypeDefinitionNode it shall create the same hierarchy of Node ... InstanceDeclaration. Figure 27 - An Instance and its TypeDefinitionNode It is up to the Server to decide which InstanceDeclarations appear in any single instance. In some cases, the Server will
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
6.4.4.1 General
define how to deal with NonHierarchical References between InstanceDeclarations, i.e. it is Server-specific if those References exist in an instance hierarchy or not. Other ModellingRules may define behaviour
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
behaviour specified regarding subtypes and instances when changing ObjectTypes and VariableTypes. It is Server-dependent, if those changes are reflected on the subtypes and instances of the types. However ... type if instances of this type exist without the Property. In that case, the Server either has to add the Property to all instances of the type or adding
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
Service defined in OPC 10000-4 in a well-defined order. The order is Server-specific, but the Client can assume that the Server always returns them in the same
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
7.17 HasEventSource
subtypes are intended to be used for discovery of Event generation in a Server. They are not required to be present for a Server to generate an Event from ... causing the Event) to its notifying Nodes. In particular, the root notifier of a Server, the Server Object defined in OPC 10000-5, is always capable of supplying all Events
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
7.18 HasNotifier
represented in Figure 40. In this example, explicit References are included from the Server's Server Object, which is a source of all Server Events. A second Event organization
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
indicate that the field shall not be provided. This indicates to Clients, that the Server will never provide the optional field and that they are not allowed to write
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
8.2.1 General
Built-in DataType is composed of three elements that identify a Node within a Server. They are defined in Table 22. Table 22 - NodeId Definition Name Type Description NodeId structure ... Identifier * The identifier for a Node in the AddressSpace of an OPC UA Server (see 8.2.4). See OPC 10000-6 for a description of the encoding of the identifier into
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
8.2.2 NamespaceIndex
responsible for assigning the identifier element of the NodeId. Naming authorities include the local Server, the underlying system, standards bodies and consortia. It is expected that most Nodes will ... Server or of the underlying system. Using a namespace URI allows multiple OPC UA Servers attached to the same underlying system to use the same identifier to identify the same
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
8.2.3 IdType
Unique Identifier Opaque 3 Namespace specific format Normally the scope of NodeIds is the Server in which they are defined. For certain types of NodeIds, NodeIds can uniquely identify
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
8.3 QualifiedName
defines the name. This index is the index of that namespace in the local Server's NamespaceArray. The Client may read the NamespaceArray Variable to access the string value
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
8.4 LocaleId
other <country/region> codes as deemed necessary by the Client or the Server. This specification also allows
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
8.38 XmlElement
have access to the XML Schema to define a DataTypeEncoding). For this reason a Server should never define Variables that use the XmlElement DataType unless the Server has no information
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
8.40 OptionSet
same size as value representing the valid bits in the value parameter. A Server shall return the StatusCode BadOutOfRange if it receives a different array size. When the Server returns ... then the corresponding bit in the value is used by the Server. If it is set to a 0 it should be ignored as it has no meaning. When
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
8.58 AccessLevelExType
Field represents the volatility of the Variable. This Field is used to indicate a Server shall ensure the Value of the Variable is persisted over a restart. The Constant Field ... volatile 1 0 constant and volatile. The related ConfigurationVersion shall be changed with each Server restart. 1 1 Constant and non-volatile The AccessLevelExType is formally defined in Table
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
9.3 SystemEventType
SystemEventType that are generated as a result of some Event that occurs within the Server or by a system that the Server is representing
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
9.5 AuditEventType
AuditEventType that are generated as a result of an action taken on the Server by a Client of the Server or as a result of some vendor specific action ... example, in response to a Client issuing a write to a Variable, the Server would generate an AuditEvent describing the Variable as the source and the user and Client session
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
EndpointUrl used in the service call does not match the Server's HostNames (see OPC 10000-4 for details). This Type has been deprecated and will be removed
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
AuditEvent is generated if the HostName in the URL used to connect to the Server is not the same as one of the HostNames specified in the Certificate
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
running, then a Client cannot expect any Events from the underlying system. A Server can identify its own status changes using this EventType
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
9.32.2 NodeVersion Property
changed, and every time the NodeVersion is changed, a ModelChangeEvent shall be generated. A Server shall support both the ModelChangeEvent and the NodeVersion Property or neither, but never only
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
9.32.3 Views
considered. Therefore the only Notifiers which report the ModelChangeEvents are View Nodes and the Server Object representing the default View. Each action generating a ModelChangeEvent may lead to several Events
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
9.32.4 Event compression
required to issue an Event for every update as it occurs. An OPC UA Server may be capable of grouping a series of transactions or simple updates into a larger
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
array. The precision used depends on both the capability of the OPC UA Server and the nature of the update. An OPC UA Server may use either ModelChangeEvent type depending ... should identify every Node that has changed since the preceding ModelChangeEvent. The OPC UA Server should emit exactly one ModelChangeEvent for an update or series of updates. It should
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
A.1 Overview
Space Model can be used. Annex A is for information only, that is, each Server vendor can model its data in the appropriate way that fits its needs. However ... gives some hints the Server vendor may consider. Typically OPC UA Servers will offer data provided by an underlying system like a device, a configuration database, an OPC COM Server
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
individual data does not provide any transactional context and for a specific Client the Server first has to convert the data and the Client has to convert the data, again ... transactional context and the Structured DataType can be constructed in a way that the Server does not have to convert the data and can pass directly to the specific Client
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
A.5 Views
Server-defined Views can be used to present an excerpt of the AddressSpace suitable for a special class of Clients, for example maintenance Clients, engineering Clients, etc. The View
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
A.6 Methods
Methods should be used whenever some input is expected and the Server delivers a result. One should avoid using Variables to write the input values and other Variables ... this. Methods can also be used to trigger some execution in the Server that does not require input and / or output parameters. Global Methods, that is, Methods that cannot directly
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
defined if the predefined ModellingRules are not appropriate for the model exposed by the Server. Depending on the model used by the underlying system the Server may need to define ... ModellingRules, since the OPC UA Server may only pass the data to the underlying system and this system may use its own internal rules for instantiation, subtyping, etc. Beside this
-
OPC-10000-3 – OPC Unified Architecture - Part 3: Address Space Model
B.1 Background
also defines some Nodes to organise the AddressSpace and to provide information about the Server as specified in OPC 10000-5. Figure B.1 - Background of OPC UA Meta Model
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services3.1.1 Active ServerActive Server Server which is currently sourcing information Note 1 to entry: In OPC UA redundant systems, an Active Server is the Server that a Client is using
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services3.1.4 Endpointnetwork that allows Clients to access one or more Services provided by a Server Note 1 to entry: Each Server may have multiple Endpoints . Each Endpoint includes a HostName
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services3.1.6 Failed ServerFailed Server Server that is not operational. Note 1 to entry: In OPC UA redundant system, a Failed Server is a Server that is unavailable or is not able
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services3.1.7 FailoverFailover is the act of a Client switching away from a failed or degraded Server to another Server in the redundant set ( Server failover). In some cases a Client ... alternate Client replacing an existing failed or degraded Client connection to a Server
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services3.1.8 Gateway ServerGateway Server Server that acts as an intermediary for one or more Servers Note 1 to entry: Gateway Servers may be deployed to limit external access, provide protocol conversion
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services3.1.10 Redundancyfailure of an OPC UA component Note 1 to entry: This may apply to Server s, Clients or networks
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services3.1.13 ServerUriServerUri ApplicationUri for a Server
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Servicesdefinitions OPC UA Services contain parameters that are conveyed between the Client and the Server . The OPC UA Service specifications use tables to describe Service parameters, as shown in Table
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Servicesdefines Services that allow a Client to discover the Endpoints implemented by a Server and to read the security configuration for each of those Endpoints . Figure 1 - Discovery Service ... communication channel to ensure the Confidentiality and Integrity of Messages exchanged with the Server . Figure 2 - SecureChannel Service Set The Session Service Set , illustrated in Figure 3 , defines Services that
-
OPC-10000-4 – OPC Unified Architecture - Part 4: ServicesRequest/response Service procedures Request/response Service procedures describe the processing of requests received by the Server , and the subsequent return of responses. The procedures begin with the requesting Client submitting ... Service request Message to the Server . Upon receipt of the request, the Server processes the Message in two steps. In the first step, it attempts to decode and locate
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services5.1 Generalthese Services . Subclause 6.5 describes auditing requirements for all services. Whether or not a Server supports a Service Set , or a Service within a Service Set , is defined
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services5.3 Service resultsserviceResult if the array is empty. The Services define various specific StatusCodes and a Server shall use these specific StatusCodes as described in the Service . A Client should be able ... Client handling of specific StatusCodes may be defined in OPC 10000-7 . If the Server discovers, through some out-of-band mechanism that the application or user credentials used
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Servicesnumber of Services expect an array of LocaleIds which are used by a Server to determine in what language or languages LocalizedText should be returned. The array of LocaleIds ... preferred order the Client would like the Server to use when selecting the locale of the LocalizedText to be returned. The first LocaleId in the list is the most preferred
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services5.5.1 OverviewOverview This Service Set defines Services used to discover the Endpoints implemented by a Server and to read the security configuration for those Endpoints . The Discovery Services are implemented ... describes how to use the Discovery Services with dedicated Discovery Servers. Every Server shall have a DiscoveryEndpoint that Clients can access without establishing a Session . This Endpoint
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.5.2.1 Description: This Service returns the Servers known to a Server or Discovery Server. The behaviour of Discovery Servers is described in detail in OPC 10000-12. The Client may reduce ... number of results returned by specifying filter criteria. A Discovery Server returns an empty list if no Servers match the criteria specified by the Client. The filter criteria supported
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.5.2.2 Parameters: endpointUrl String The network address that the Client used to access the DiscoveryEndpoint. The Server uses this information for diagnostics and to determine what URLs to return in the response ... Server should return a suitable default URL if it does not recognize the HostName in the URL. localeIds[] LocaleId List of locales to use. The Server should return the applicationName
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.5.3.1 Description: This Service returns the Servers known to a Discovery Server. Unlike FindServers, this Service is only implemented by Discovery Servers. The Client may reduce the number of results returned ... specifying filter criteria. An empty list is returned if no Server matches the criteria specified by the Client. This Service shall not require message security but it may require transport
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.5.3.2 Parameters: response. 0 indicates that there is no limit. serverCapabilityFilter[] String List of Server capability filters. The set of allowed Server capabilities are defined in OPC 10000-12. Only records with ... specified Server capabilities are returned. The comparison is case insensitive. If this list is empty then no filtering is performed. Response responseHeader ResponseHeader Common response parameters. The ResponseHeader type
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.5.4.1 Description: This Service returns the Endpoints supported by a Server and all of the configuration information required to establish a SecureChannel and a Session. This Service shall not require message ... results returned by specifying filter criteria based on LocaleIds and Transport Profile URIs. The Server returns an empty list if no Endpoints match the criteria specified by the Client
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.5.4.2 Parameters: endpointUrl String The network address that the Client used to access the DiscoveryEndpoint. The Server uses this information for diagnostics and to determine what URLs to return in the response ... Server should return a suitable default URL if it does not recognize the HostName in the URL. localeIds[] LocaleId List of locales to use. See locale negotiation in 5.4 which
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.5.5.1 Description: This Service is implemented by Discovery Servers. This Service registers a Server with a Discovery Server. This Service will be called by a Server or a separate configuration utility ... Clients will not use this Service. A Server shall establish a SecureChannel with the Discovery Server before calling this Service. The SecureChannel is described in 5.6. The Administrator
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.5.5.2 Parameters: request parameters. The authenticationToken is always null. The type RequestHeader is defined in 7.32. Server RegisteredServer The Server to register. The type RegisteredServer is defined in 7.31. Response ResponseHeader ResponseHeader
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.5.6.1 Description: This Service is implemented by Discovery Servers. This Service allows a Server to register its DiscoveryUrls and capabilities with a Discovery Server. It extends the registration information from RegisterServer ... with information necessary for FindServersOnNetwork. This Service will be called by a Server or a separate configuration utility. Clients will not use this Service. Servers that support RegisterServer2 shall
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.5.6.2 Parameters: request parameters. The authenticationToken is always null. The type RequestHeader is defined in 7.32. Server RegisteredServer The Server to register. The type RegisteredServer is defined in 7.31. discoveryConfiguration[] ExtensibleParameter DiscoveryConfiguration ... Additional configuration settings for the Server to register. The discoveryConfiguration is an extensible parameter type defined in 7.13. Discovery Servers that do not understand a configuration shall return Bad_NotSupported
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.6.1 Overview: communication channel that ensures the Confidentiality and Integrity of all Messages exchanged with the Server. The base concepts for OPC UA security are defined in OPC 10000-2. The SecureChannel ... Stack on which the OPC UA Application is built. For example, an OPC UA Server may be built on a stack that allows applications to establish a SecureChannel using HTTPS
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.6.2.1 Description: globally-unique identifier and is valid for a specific combination of Client and Server application instances. Each channel contains one or more SecurityTokens that identify a set of cryptography keys ... existing SecurityToken to secure outgoing Messages until the SecurityToken expires or the Server receives a Message secured with a new SecurityToken. This should ensure that Clients do not reject Messages
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.6.2.2 Parameters: Certificate. The ApplicationInstanceCertificate type is defined in 7.3. If the securityPolicyUri is None, the Server shall ignore the ApplicationInstanceCertificate. requestType Enum SecurityToken RequestType The type of SecurityToken request: An enumeration ... attacks are made more difficult. Therefore the volume of data exchanged between Client and Server shall be limited by establishing a new SecurityToken after the lifetime. The setting
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.6.2.3 Service results: valid. Bad_SecurityModeRejected The security mode does not meet the requirements set by the server. Bad_SecurityPolicyRejected The security policy does not meet the requirements set by the Server ... code. Bad_NonceInvalid See Table 178 for the description of this result code. A Server shall check the minimum length of the Client nonce and return this status
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.7.2.1 Description: Service is used by an OPC UA Client to create a Session and the Server returns two values which uniquely identify the Session. The first value is the sessionId which ... used to identify the Session in the audit logs and in the Server's AddressSpace. The second is the authenticationToken which is used to associate an incoming request with
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.7.2.2 Parameters: longer used. The Client shall set this value to null or empty and the Server shall ignore any value provided. endpointUrl String The network address that the Client used ... access the Session Endpoint. The Server uses this information for diagnostics and to determine what URLs to return in the response. The Server should return a suitable default
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.7.2.3 Service results: code. Bad_NonceInvalid See Table 178 for the description of this result code. A Server shall check the length of the Client nonce and return this status if the length ... CertificateIssuerRevoked See Table 178 for the description of this result code. Bad_TooManySessions The Server has reached its maximum number of Sessions. Bad_ServerUriInvalid See Table 178 for the description
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.7.3.1 Description: Service request other than CloseSession after CreateSession. Failure to do so shall cause the Server to close the Session. Whenever the Client calls this Service the Client shall prove that ... Once used, a serverNonce cannot be used again. For that reason, the Server returns a new serverNonce each time the ActivateSession Service is called. When the ActivateSession Service is called
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.7.3.2 Parameters: ActivateSession during a single application Session. If it is null or empty the Server shall keep using the current localeIds for the Session. userIdentityToken Extensible Parameter UserIdentityToken The credentials ... user associated with the Client application. The Server uses these credentials to determine whether the Client should be allowed to activate a Session and what resources the Client has access
-
OPC-10000-4 – OPC Unified Architecture - Part 4: Services, 5.7.3.3 Service results: least one Software Certificate that is valid and meets the profile requirements for the Server. Bad_IdentityChangeNotSupported The Server does not support changing the user identity assigned to the session