OPC Unified Architecture (UA) is a platform-independent, service-oriented protocol design that integrates all the functionality of the individual OPC Classic specifications into one extensible specification framework. This approach accomplishes functional equivalence to OPC Classic, with all COM OPC Classic specifications mapped to UA. It also achieves platform independence, with support for ARM and x86 hardware and for Windows and non-Windows systems, and it provides security, including encryption, signing, and authentication. Extensibility, the ability to add new features without affecting existing applications, and information modeling, which creates standard and custom information structures from unstructured data, are also key components of OPC UA.
The OPC UA specification offers the same features as OPC Classic, plus modeling and behavior specifications, such as Data Access, Historical Access, Alarms and Conditions, and pub/sub communication. It also supports specifications like Services, Mappings, Profiles, and Security. OPC UA's extensibility with the OPC UA Client driver allows for easy addition or modification of specs without affecting existing UA-enabled applications.
The fast and secure OPC UA Binary TCP protocol offers industrial HMI, SCADA, and other OT systems the security, flexibility, and performance required for modern process control and data acquisition.
OPC UA’s built-in authentication features allow applications to apply granular, role-based access controls for any object present within the OPC UA server.
OPC UA is well-suited to safely move industrial data through secure network barriers like firewalls. As part of the base standard, OPC UA offers client/server protocol support with only a single, user-selected TCP port utilized to host the connection on the server side. This limits the number of inbound ports required for data access between secure layers and upper network levels, increasing security and reducing business risk.
The flexibility of OPC UA namespaces allows node IDs from external sources, including other OPC UA servers, to be automatically sourced and rendered in a single, concise address space, reducing integration time and system complexity.
OPC UA offers critical features necessary for safe and secure connectivity and data acquisition for Industry 4.0 efforts, including access controls, encryption, data contextualization, and modeling.
OPC UA defines multiple transport types, such as the high-performance OPC UA Binary encoding over TCP or the heavier, but more open, JSON encoding over WebSockets.
Each message exchanged by server and client includes a unique cryptographic thumbprint, allowing client and server to verify the integrity of received messages.
Messages between OPC UA clients and servers can be encrypted and securely transmitted using a variety of best-in-class encryption algorithms.
OPC UA assigns an unalterable sequence to exchanged messages, eliminating the possibility of message replay attacks.
OPC UA parties identify themselves through industry-standard X.509 digital certificates, allowing unambiguous determination of identity and granular control of permitted connections.
OPC UA supports the exchange of user information like usernames and passwords, web tokens, and digital certificates that server applications can use to granularly control activities like reads, writes, and browsing.
OPC UA allows applications to create activity trails, or audit logs of commands issued by clients and messages sent by servers.
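The message signing and sequencing described above can be seen working together in a receiver-side check. This is an added example, not code from the page or from any OPC UA product: the chunk layout is a simplified one loosely modelled on an OPC UA Binary message in sign-only mode, and HMAC-SHA256, the key, the channel values and all function and class names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

SIG_LEN = 32  # HMAC-SHA256 output size
# Simplified chunk layout (assumption): type, final flag, size, channel id,
# token id, sequence number, request id, then body and trailing signature.
HDR = struct.Struct("<3scIIIII")

def build_chunk(key, channel_id, token_id, seq, request_id, body):
    """Sender side: sign header and body together so neither can be altered."""
    size = HDR.size + len(body) + SIG_LEN
    unsigned = HDR.pack(b"MSG", b"F", size, channel_id, token_id, seq, request_id) + body
    return unsigned + hmac.new(key, unsigned, hashlib.sha256).digest()

class ChannelReceiver:
    """Receiver state for one secure channel (hypothetical helper class)."""
    def __init__(self, key, channel_id, token_id):
        self.key, self.channel_id, self.token_id = key, channel_id, token_id
        self.last_seq = None  # no chunk accepted yet

    def check(self, chunk):
        """Return 'ok' or the reason the chunk is rejected."""
        if len(chunk) < HDR.size + SIG_LEN:
            return "truncated"
        mtype, _final, size, channel, token, seq, _req = HDR.unpack_from(chunk)
        if mtype != b"MSG" or size != len(chunk):
            return "malformed header"
        if (channel, token) != (self.channel_id, self.token_id):
            return "unknown channel or token"
        expected = hmac.new(self.key, chunk[:-SIG_LEN], hashlib.sha256).digest()
        if not hmac.compare_digest(chunk[-SIG_LEN:], expected):
            return "bad signature"
        # The sequence number is read only after the signature has verified.
        # Wrap-around of the 32-bit counter is not handled here (assumption).
        if self.last_seq is not None and seq != self.last_seq + 1:
            return "replayed or out of order"
        self.last_seq = seq
        return "ok"

def demo():
    """Constructed traffic: two valid chunks, a replay of the first, a tampered one."""
    key = b"\x11" * 32  # constructed signing key
    rx = ChannelReceiver(key, channel_id=7, token_id=1)
    c1 = build_chunk(key, 7, 1, 51, 1, b"read")
    c2 = build_chunk(key, 7, 1, 52, 2, b"write")
    bad = bytearray(build_chunk(key, 7, 1, 53, 3, b"write"))
    bad[HDR.size] ^= 0x01  # flip one bit of the body in transit
    return [rx.check(c) for c in (c1, c2, c1, bytes(bad))]
```

The replayed chunk still carries a valid signature, so it is the sequence check that rejects it; the tampered chunk never reaches the sequence check at all.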
These key OPC UA Security concepts will help you understand how your data is protected.