OPC UA Defined and How it Impacts Automation
OPC UA is an important building block that enables users to build the next generation of software automation solutions. With complete backward compatibility ensured, vendors will have much to gain – and nothing to lose – by adopting the new OPC Unified Architecture.
Over the past decade, software vendors have used Object Oriented Architectures and Service Oriented Architecture to design products that are both scalable and reliable. Surprisingly, these successful architectural models had rarely been used to exchange information throughout the factory floor – until the advent of OPC UA. The delay in the adoption of these technologies is mostly because automatic applications were lagging behind, and were designed to process single points of information, rather than to consume and transform complex information.
The information carried within an object is far richer than the information carried with simple row data. In a typical automation application you rarely wish to analyse single, isolated row data. It’s far more interesting to analyse the data in terms of its relationship with other data – and in terms of the operation, or method that can be performed.
Any real-life object carries a tremendous amount of information within it. For example, when thinking in terms of objects, the information carried by a boiler object is far superior to the simple combination of individual row data for pressure and temperature. A physical boiler is an object that we can physically interact with by turning it off or on, by changing a reference temperature setpoint or by analysing how a change of one parameter affects the others. This information is logically grouped and must be analysed all together.
In software terms, an object is a collection of properties (temperature, pressure), methods (turn off, turn on) and events (temperature is too high, pressure is too low). Objects are organized in hierarchies in such a way that an object can contain simpler smaller objects as properties (the valve of a boiler can, itself, be an object that exposes properties, methods and events). When thinking in these terms, it is clear how beneficial it would be to map the data of the factory floor into a hierarchy of objects.
Multi-Layered Approach
OPC UA is the result of a multi-year collaboration of industry leaders who aimed to create an open standard for exchanging information in a rich, object-oriented and secure way. This standard represents the answer to the fundamental need for mapping and exchanging real-life information in a platform-independent way, while maintaining compatibility with the OPC Classic specifications.
According to the OPC Foundation website, the original goals of the OPC UA design specification included the following:
- Functional equivalence: ensures compatibility with OPC Classic specifications
- Platform independence: regardless of hardware or infrastructure type
- Secure: regarding encryption, authentication and auditing
- Extensible: to easily add new features to established applications
- Comprehensive information modelling: for defining complex information
OPC UA has a dual nature: it is object-oriented and it is service oriented. The object-oriented nature of OPC UA enables reusability of assets across the factory floor and provides a common object management method to support complex and flexible data models. The service-oriented nature of OPC UA allows for broader interoperability with other platforms, as well as for increased visibility and security.
OPC UA Standard
OPC UA does not replace existing standards such as OPC, but rather complements them by providing a common interoperability layer for exchanging information and orchestrating processes. OPC UA embodies all the functionality of the existing OPC servers and expands on top of them. Backward compatibility with previous standards will ensure quick adoption on the market.
One of the key issues with standards of this magnitude is that implementing them can be quite challenging. The OPC Foundation has taken many steps to guarantee that the implementation of the standard would be a straightforward and easy process.
To facilitate the adoption of the new standard and to reduce the barrier to entry, the OPC Foundation has developed an OPC UA software development kit (SDK). The SDK is the entry point to jump-start your existing applications and make them OPC UA-enabled.
The SDK consists of a series of application programming interfaces and sample code implementations. To that end, the UA specification is written to be platform-agnostic and, for that reason, the SDK comes in different flavours to facilitate adoptions on different platforms. The .NET, ANSI C and Java sample implementations are readily provided to OPC Foundation members.
Each flavour of the SDK is designed to fit special needs in terms of platforms, memory and processor requirements, but they are all capable to seamlessly interoperate with each other. The .NET version of the SDK is more suited for rich client/server implementation, while the ANSI C version is more suited for thin implementation for embedded devices, where memory footprint and CPU utilization are more important.
The Java implementation is geared toward the Web environment and thin clients but can also be used in other environments. Each software vendor can pick the implementation that they prefer, depending on their unique requirements for performance, cross-platform capability and Internet of Things (IoT) considerations.
In addition to the SDK, the OPC Foundation also provides a series of binary adapters. The adapter can be used to grant direct access to all legacy COM-based OPC servers from the new OPC UA client. Simultaneously, the adapter can also be used to grant access to a subset of OPC UA server features from legacy OPC clients.
OPC UA and the Internet of Things (IoT)
The concept of the Internet of Things (IoT) focuses on the ability for machines to communicate via internetworking technology, similar to how millions of people worldwide share information via the traditional Internet. There are multiple communication technologies involved with the Industrial Internet of Things (IIoT), allowing a multitude of industrial machinery to share data. Such machinery can include production equipment on a factory floor, an intermediary PC for monitoring and control, meters that measure facility energy use, and more.
The rapid pace at which an increasing number of previously autonomous equipment can now share data via internetworking has brought about an additional concept; that of the fourth industrial revolution or, Industrie 4.0. Some key intended benefits of adopting such initiatives as IIoT and Industrie 4.0 are to increase efficiency (shorten production cycles, reduce time to market) and encourage sustainability of resources (monitor and reduce energy use). However, connecting legacy disparate machinery can prove to be difficult without a communications/technology standard.
OPC UA meets Industrie 4.0 requirements thanks to the fact that it is not based on any one communications technology from any specific manufacturer, sector, operating system or programming language. In addition to being platform-agnostic, OPC UA can also be widely scaled, from a 15kB device up to multi-core hardware, regardless of CPU (Intel, ARM, PPC, and so on). This means the ability to network between individual sensors, embedded devices, PLC controllers, PCs, smartphones, mainframes, cloud applications and more.
OPC UA also assists with plug-and-produce equipment rollouts, where users expect devices to be immediately recognized within their network. OPC UA’s included discovery mechanisms identify OPC UA-capable devices and their functions when added to a network. Such a setup can work locally (on the same host), in a subnet, or globally (within a large enterprise network).
With OPC UA’s standards-based communications, vendor independence, scalability and ability to plug-and-produce, the Industrial Internet of Things will continue to expand, as will the Industrie 4.0 revolution.
Security in Three Levels
Considering the intended adoption of a unified data exchange architecture, secure transfer and authentication at the user and application levels must be ensured. OPC UA technology was certainly developed with security in mind. It uses X.509 certificates, Kerberos, or user/password verification for authentication of the application. It also provides signed and encrypted transfers, as well as a rights concept at the data point level with additional audit functionality.
OPC UA provides the secure, reliable and platform-independent transport of data from sensors and the field level up to control and production planning systems. It offers protection against unauthorized access and modification of process data, as well as against sabotage and careless operation. In addition to user/application authentication, it also contains the ability for the signing of messages and transmitted data encryption.
When considering security methods, those developing the OPC UA standard saw similarities in the way that Internet data can be secured; for example, using Secure Sockets Layer (SSL), Transport Layer Security (TLS) and Advanced Encryption Standard (AES) techniques. With such OPC UA scalable security, users can combine such functions depending on their needs and use cases.
OPC UA security covers three levels:
- User Security
- Application Security
- Transport Security
Both User Security and Application Security are part of session setup. The associated security mechanisms are executed when a session is initiated. Transport Security involves signing and encrypting the messages, preventing unauthorized access or unintended data manipulation.
Developers of the OPC UA standard understood at the technology’s inception that, by developing an architecture that was meant to be unified, they would simultaneously need to ensure strong, scalable security.
Compliance Tools
Software programming is not an exact science. Even with the availability of the OPC UA SDK sample code there is still room for errors such as misinterpretation of the specification or simple coding errors. So how do you reduce the number of errors and guarantee an unambiguous interpretation of the standard? How do you ultimately guarantee interoperability between software produced by different vendors?
The solution is provided again by the OPC Foundation through its certification programme. To facilitate the successful adoption of OPC UA solutions, the OPC Foundation offers a set of compliance tools aimed at verifying that a given product is fully compliant with the standard.
Software vendors can submit their applications to independent test companies that will certify the compliance with the standard using the compliance tools. Having a certified solution guarantees reliable data exchange between applications from different vendors, and is beneficial for everyone.
The OPC UA SDK enables software vendors to quickly move information horizontally between devices on different industrial networks from different vendors, as well as vertically from the factory floor through the enterprise of multi-vendor systems – with stops in between.
Several leading suppliers have partnered to provide end-to-end solutions that leverage the OPC Unified Architecture to deliver value to end-user customers. We see an increasing interest for these technologies and are sure that OPC UA is on the road to success as the leading standard for exchanging information on the factory floor, between IIoT devices and throughout the enterprise. Expect to see vendors quickly support OPC UA in all of their new applications over the next few years.