1. OPC Foundation
The interoperability standard for industrial automation & related domains
OPC Technology & The Future
with OPC Unified Architecture
Nathan Pocock
Director, Certification & Compliance
nathan.pocock@opcfoundation.org
2. About the OPC Foundation
• An independent, non-profit organization founded in 1995.
• Developers of worldwide industry standards for multi-vendor
interoperability and data transfer of information.
• OPC specifications are defined by volunteers from over 450 members
worldwide and are also available as IEC standards.
• Extensive adoption from manufacturers and solution-providers in
factory and process automation.
• Future-thinking technology that provides platform-independent
connectivity of devices, systems, networks, and enterprise computing
solutions.
6. Features Provided By OPC
Features Benefits
• Discover OPC Servers on the • Clients can be completely agnostic to
network/PC the underlying PLC, protocol, and
addressing scheme
• View the tags available in the server
• Easy configuration possible by simply
• Tags could be grouped into a pointing + clicking
hierarchy
• Reading and writing to tags is much
• Read one or more tags easier than memorizing a PLC
address
• Write to one or more tags
• Optimized traffic on the wire thanks to
• Subscribe to tags and receive value- a highly-efficient subscription model.
change notifications – Adding more clients does not necessarily
add more overhead.
• Easily identify good/bad data
7. History: Technology evolved…
• Over time, other problems needed solving and
new OPC technology standards emerged:
Problem Solution
How to let OPC solve more problems “OPC” re-branded: Data Access
More capabilities needed in Data Access OPC Data Access 1.0, 2.05a, 3.0
Need to store real-time values OPC Historical Data Access
Need to standardize Alarm Notifications OPC Alarms & Conditions
Need to standardize data acquisition via internet OPC XML-DA
Need to allow PLC-to-PLC communications OPC Data eXchange
Need to secure access to servers/tags OPC Security
Need to standardize batch-process operations OPC Batch
Need to standardize a simple PLC program OPC Program
7
8. Benefits From OPC Adoption
• Vendors were no longer required to maintain extensive
device protocol libraries
• High-quality and affordable device-drivers (Servers)
emerged
• More specialized Clients emerged
• Developer toolkits emerged for rapid development of
custom applications that could also integrate with the OPC
infrastructure
• End-users could mix-and-match numerous vendor
products to achieve the best overall solution
9. Achieving Vendor Interoperability
Compliance Certification Program
• Compliance program to help vendors • Certified products are tested in a
develop compliant products sanctioned & independent Test Lab
• Test Tools available to members • Rules of certification governed by the
Compliance Working Group – open to
• Interoperability workshops members
• Certification program • Certification testing includes:
– Compliance to OPC specifications
– Interoperability with other vendor products
– Robustness & recovery
– Usability (interface, document etc.)
– Resource efficiency (36hr load-testing)
11. History: Integration Difficulties
• Each OPC Specification solved a OPC Application
unique problem
DA A&E Batch Security
• Each OPC Specification was its
XML
own self-contained solution HDA
DA DX
• No “true” integration between
OPC technologies
• Development effort doubled..
Tripled.. quadrupled etc.
• Development somewhat eased by
DA A&E Batch Security
Microsoft’s COM/DCOM platform
XML
HDA
DA DX
OPC Application
12. OPC Adapts to NEW Challenges
Challenge Solution
• Integrate existing technologies • Re-design OPC technology
• Provide platform-independence implementation:
• Extensibility, for newer technology – Model a framework incorporating
profiles and specifications all existing specifications
• Work online, remain secure:
– Use standard platforms not tied to
– Resist remote attacks a vendor, e.g. TCP/IP, openSSL
– Protect valuable data etc.
– Audit logs (who did what)
– Use standard security tools for
• Be compatible with OPC Classic certificates and encryption
• Stay FAST
• “Unified Architecture” born!
• Provide MORE diagnostics.
• Be easy! No more DCOM!
13. OPC UA: Feature Summary
• Incorporates ALL of the OPC Classic specifications into one cohesive
standard:
DA, HDA, A&E, DX, XMLDA, Batch, Security, Program etc.
• Vendors that support one technology, e.g. DA, will be able to very
quickly and easily add others, e.g. A&E, HDA, Programs etc.
• Provides backwards compatibility with OPC Classic via Proxy/Gateway
components.
• Achieves other goals for security, platform-
independence, performance, and growth.
• Vendor products can now quickly and easily be expanded over time to
incorporate newer features and capabilities at minimal cost.
• Everything you know about OPC Classic is the same in UA!
15. OPC UA: Platform Independence
CE
microchip Tablet
Desktop PC
Enterprise Servers
Laptop
iPhone
PLC/Controller
16. OPC UA: Security (channel)
• Each UA application is uniquely identified
with an x509 certificate
X509
UA Server
• Each UA application can be configured Trust List
to trust specific apps x509
• Only TRUSTED Clients can connect to
your valuable Servers Client:
“here’s my x509, can I connect?”
• The connection can be:
Server:
• Insecure: for isolated networks and “I trust you, here’s my x509…”
maximum performance
• Encrypted with standard algorithms (RSA, Client:
SHA1) offering 128, 256, 512, 1024, 2048 “I trust you too”
bit ciphering etc.
• Each UA message/packet is:
X509 UA Client
• Signed, to prevent tampering Trust List
x509
• Sequenced to eliminate message-replay,
injection, and detect lost messages
17. OPC UA Security: Authentication
• Only the RIGHT people need
access to your systems/data. I can prove who I am
• Users can be identified via:
– Anonymous (no security)
– Login name and password
– X509 certificate
– Kerberos
– Other?
• Restrict user access to data
I can’t see through the
• You can log ALL activities encryption let alone
guess credentials
18. Unified Architecture Summary
• OPC Unified Architecture
– Enables platform independence
– Adds reliability and robustness
– Extensible architecture allows for future growth
– Communicates information, not just data
– Maintains performance with reliability
– Security may help achieve regulatory compliance
– Backwards compatible with “OPC Classic”
– No more DCOM headaches
• OPC Unified Architecture & Collaboration
– Enable enterprise interoperability
– Better Information model integration
• Backed by an “open” Certification program
18
19. OPC Technology Summit:
Save the date! October 2012
• Global summit to promote OPC education
• October 16-18, 2012
• Renaissance Orlando at SeaWorld, Florida, USA
• Who should attend:
OPC End-users, Developers and Integrators
• Agenda includes:
• OPC UA technology and value proposition
• Supplier/developer presentations
• End-user presentations (various markets)
• Certification and compliance overview
• Keynote: Control Systems Cyber Security expert
from Department of Homeland Security
• Vendor exhibit area with table-top displays
• Register now at www.opcfoundation.org/events
20. The End
The interoperability standard for industrial automation & related domains
Questions…
Nathan Pocock
Director, Certification & Compliance
OPC Foundation
nathan.pocock@opcfoundation.org
Editor's Notes
Non-profitWe define technology to share information between disparate systemsCreate specs, not productsAdoption in automation industry primarily; no other technology competes with OPCFuture-thinking technology, will adapt/evolve over time.
Significant membership in Europe,North America, and Asia is growing rapidly.Many markets are served, some displayed on-screen.
OPC able to solve other problems and turn custom technologies into standard technologies