4 OPC UA security architecture ToC Previous Next

4.3 Security threats to OPC UA systems ToC Previous Next

4.3.6 Message replay ToC Previous Next

Network traffic and valid application layer Messages may be captured and resent to OPC UA Clients, Servers and Subscribers at a later stage without modification. An attacker could misinform the user or send a valid command such as opening a valve but at an improper time, so as to cause damage or property loss. An attacker may attempt to establish a Session using a recorded Session.

Message replay impacts Authorization and during Session / secure channel establishment Authentication. See 5.1.6 for the reconciliation of this threat.

Previous Next