7.4.1 OPENSCS Facets
The following sub-clauses define OPENSCS Facets that, when implemented, are used to add additional functionality to the basic OPENSCS functionality.
7.4.1.1 OPENSCS Security Server Facet
The OPENSCS Security Server Facet defined in Table 72 includes ConformanceUnits for Servers that are not included in other OPC UA defined Facets and Profiles. This Facet is required to meet the security requirements of OPENSCS.
| Security Conformance Unit | Defined in | Optional / Mandatory |
| OPC UA Authority Profile | OPC 10000-7 | M |
| Security Time Synch – NTP / OS Based support | OPC 10000-7 | M |
| Security Administration | OPC 10000-7 | M |
| Security Role Server Restrict Applications | OPC 10000-7 | M |
| Security Role Server Restrict Endpoints | OPC 10000-7 | M |
| Security Role Server Role Permissions | OPC 10000-7 | M |
| Security Role Server Authorization | OPC 10000-7 | M |
7.4.1.1.1 OPENSCS Server Mandatory Authentication
OPENSCS security requirements mandate that the session shall always be authenticated. The use of endpoints enabling the security policy SECURITY_POLICY_NONE is not allowed.
7.4.1.2 OPENSCS Security Client Facet
The OPENSCS Security Client Facet defined in Table 73 includes Conformance Units for Clients that are not included in other OPC UA defined Facets and Profiles. This Facet is required to meet the security requirements of OPENSCS.
| Security Conformance Unit | Defined in | Optional / Mandatory |
| OPC UA Authority Profile | OPC 10000-7 | M |
| Security Time Synch – NTP / OS Based support | OPC 10000-7 | M |
| Security Default Application Instance Certificate | OPC 10000-7 | M |
| Security Policy Required | OPC 10000-7 | M |
| Authorization Service Client | OPC 10000-7 | M |
7.4.1.2.1 OPENSCS Client Mandatory Authentication
OPENSCS security requirements mandate that the session shall always be authenticated. The use of the security policy SECURITY_POLICY_NONE is not allowed.