Emerson’s David Cooper presented OPC UA Implementation in Ovation Systems – Features and Functions at the 2023 Ovation Users Group Conference. David opened his presentation by sharing the background of the OPC standard. The focus has always been to be an industry standard for data exchange interoperability. The interoperability specifications include the interface between clients and servers, the interface between servers and servers, real-time data, alarm and event data, and historical data.
OPC UA, or Unified Architecture, is the latest generation of the standard, which has evolved over the decades from the original OLE for Process Control (OPC) based on Microsoft’s Object Linking & Embedding (OLE) technology. The OPC acronym was later recast as “Open Platform Communications”.
Here is the basic OPC architecture.
OPC UA is a platform-independent service-oriented architecture that integrates OPC Classic functionality into a single framework. Its design goals were functional equivalence with OPC Classic, platform independence, security, extensibility, and information modeling.
The specification includes:
- Discovery. Find available OPC UA servers
- Address space. Data is represented hierarchically
- On-demand. Read and write data based on access permissions
- Subscriptions. Monitor data and report by exception based on the client’s criteria
- Events. Notify clients of important information based on the client’s criteria
- Methods. Clients can execute programs based on methods defined on the server.
The specification is independent of hardware platforms and operating systems, such as Microsoft Windows, Apple OSX, Android, Linux, etc. From a security perspective, OPC UA is firewall friendly, unlike the classic versions of OPC.
It provides a suite of controls:
- Transport. Binary, JSON, WebSockets, etc.
- Session Encryption. Messages are transmitted securely
- Message Signing. Recipient can verify the origin and integrity of messages
- Sequenced Packets. Eliminates exposure to message replay attacks
- Authentication. Client and server are identified through X.509 certificates
- User Control. Applications can require users to authenticate and can restrict their capabilities
- Auditing. Activities can be logged providing an audit trail.
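The following added example (not from the presentation or from Emerson) shows how a defender might check a server's advertised endpoints against the session encryption, message signing, and authentication controls listed above. The mode and policy names come from the OPC UA specification; the dictionary field names, host name, and endpoint records are assumptions constructed for illustration.

```python
# Added example: audit OPC UA endpoint descriptions for weak security settings.
# Field names and SAMPLE_ENDPOINTS are constructed for illustration; they are
# not output from an Ovation system or any real server.

# SHA-1 based policies that the OPC Foundation has deprecated.
DEPRECATED_POLICIES = {"Basic128Rsa15", "Basic256"}

def policy_name(ep):
    """Short policy name from the URI, e.g. '...SecurityPolicy#Basic256Sha256'."""
    return ep["security_policy_uri"].rsplit("#", 1)[-1]

def audit_endpoint(ep):
    """Return a list of findings for one endpoint description."""
    findings = []
    mode, policy = ep["security_mode"], policy_name(ep)  # None | Sign | SignAndEncrypt
    if mode == "None" or policy == "None":
        findings.append("no message signing or encryption")
    elif mode == "Sign":
        findings.append("messages signed but not encrypted")
    if policy in DEPRECATED_POLICIES:
        findings.append(f"deprecated security policy {policy}")
    if "Anonymous" in ep["user_token_types"]:
        findings.append("anonymous sessions allowed")
    return findings

def audit(endpoints):
    """Map 'url [mode/policy]' to findings, listing only endpoints with issues."""
    report = {}
    for ep in endpoints:
        findings = audit_endpoint(ep)
        if findings:
            report[f'{ep["url"]} [{ep["security_mode"]}/{policy_name(ep)}]'] = findings
    return report

URL = "opc.tcp://scada.example.internal:4840"  # constructed host name
PREFIX = "http://opcfoundation.org/UA/SecurityPolicy#"
SAMPLE_ENDPOINTS = [  # constructed sample data
    {"url": URL, "security_mode": "None", "security_policy_uri": PREFIX + "None",
     "user_token_types": ["Anonymous"]},
    {"url": URL, "security_mode": "Sign", "security_policy_uri": PREFIX + "Basic256",
     "user_token_types": ["UserName"]},
    {"url": URL, "security_mode": "SignAndEncrypt",
     "security_policy_uri": PREFIX + "Basic256Sha256",
     "user_token_types": ["UserName", "Certificate"]},
]

if __name__ == "__main__":
    for endpoint, issues in audit(SAMPLE_ENDPOINTS).items():
        print(endpoint, "->", "; ".join(issues))
```
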
OPC UA information modeling and access provide great flexibility and are fundamental elements of the standard. The standard defines rules and basic building blocks for information models. It also defines the access mechanisms required by the models, including browsing, read and write operations for current and historical data, method execution, and notification for data and events. Publish/subscribe (Pub-Sub) provides a one-to-many alternative mechanism for data and event notification.
From a security perspective, the OPC UA standard provides end-to-end communication security, user authentication, roles and role management, audit logging, and a certificate management infrastructure.
The Ovation UA application is a component of the Ovation SCADA server and Ovation CPS. It has client and server implementations and runs on all SCADA and CPS platforms—Workstation, ELC, OCC100, OCR3000, and coming to the OMC100 controller. It implements OPC data access client and server, and OPC alarms and conditions client.
From a configuration standpoint, Developer Studio is used to configure all platform devices. Certificates are generated with tools on the Ovation database server. The protocol configuration tool is used to configure the OPC UA client and server for all devices.
Visit the Ovation SCADA Communication Server data sheet for more information on how the OPC UA standard in the Ovation system enables greater interoperability with a wide range of automation products and systems.