Print
PDFOverview
OPC is a standard interface to communicate between numerous data sources, including devices on a factory floor, laboratory equipment, test system fixtures, and databases. The OPC Foundation defined a set of standard interfaces that allow any client to access any OPC-compatible device using a protocol now referred to as Classic OPC. This protocol utilizes the Microsoft-based COM/DCOM technology to provide standard specifications for data access (DA), historical data access (HDA), and alarms and events (A&E). Although basing a protocol on this technology made sense in the 1990s, Classic OPC has several limitations because of this reliance on the Microsoft Windows platform, in the form of security issues and platform dependency.
OPC Unified Architecture (UA) is a new communication technology standard which was first released by the OPC Foundation in 2006 as an improvement upon its predecessor, Classic OPC. OPC UA includes all of the functionality found in Classic OPC. This is done by bringing together the different specifications of Classic OPC into a single entry point to a system offering current data access, alarms and events, combined with the history of both.
Furthermore, OPC UA is based on a cross-platform, business-optimized Service-Oriented Architecture (SOA), which expands on the security and functionality found in Classic OPC, instead of the Microsoft-based COM/DCOM technology. OPC UA supports two protocols: a binary protocol that employs minimal resources, allowing for easy enablement through a firewall; and a Web Service protocol (SOAP) which uses standard HTTP/HTTPS ports. Because of the benefits of this new protocol, an increasing trend of industrial applications have adopted the UA protocol both in the traditional OPC-centric Industrial Automation space and emerging areas, such as energy.
Table of Contents
- Cross-Platform Capabilities
- Expanded Security
- IT Integration
- Compatibility
- Conclusion
- Related Resources
Cross-Platform Capabilities
Classic OPC requires a Microsoft Windows operating system to implement COM/DCOM server functionality. By utilizing SOA and Web Services, OPC UA is a platform-independent system that eliminates the previous dependency on a Windows operating system. By utilizing SOAP/XML over HTTP, OPC UA can deploy on a variety of embedded systems regardless of whether the system is a general purpose operating system, such as Windows, or a deterministic real-time operating system.
Figure 1 : OPC UA bypasses the need for a Windows-based component and can communicate directly with embedded OPC UA servers on PLCs.
Because of the benefits of OPC UA, National Instruments has chosen to integrate the creation of OPC UA clients and servers communication into two NI LabVIEW add-on modules. For programming Windows-based targets, the LabVIEW Datalogging and Supervisory Control (DSC) Module provides OPC UA capabilities. For NI Real-Time hardware targets, the LabVIEW Real-Time Module enables the OPC UA communication feature set. These capabilities allow both Windows and real-time based LabVIEW applications to communicate through the OPC UA networks to OPC UA-enabled PLCs, data logging historians, and SCADA systems.
>> Learn more about the LabVIEW Real-Time Module
>> Explore the LabVIEW Datalogging and Supervisory Control (DSC) Module
Expanded Security
One of the most important benefits of eliminating the reliance on COM/DCOM technology is the expanded security features. Classic OPC systems rely on difficult and complex configuration of DCOM to provide inter-process security. Too commonly, vendors overlook this step in testing stages, which resulted in to difficult configuration for users. This often leads to security being disabled all together and thus, large security gaps in the network. In Classic OPC, developers must use Access Control lists stored in DCOM settings to configure the security settings for each component. In contrast, OPC UA uses standard web technologies as a security foundation including both authentication and encryption capabilities to protect data.
Figure 2 : OPC UA requires handshaking between clients and servers using X.509 Web standard certificates for authentication before they are able to talk with one another.
In Figure 2, OPC UA servers and clients rely on unique certificates to communicate with one another. OPC UA supports PKCS12 Public-Key Cryptography Standards to provide the X.509 private keys and certificate files that contain public keys. Both server and client can select which pair of public keys and private keys to use. To communicate between the server and client, the user can choose from three kinds of messaging modes: None, Sign, Sign and Encrypt. Additionally, the user can enable one of the two security policies: Basic256 and Basic128Rsa15. These security policies are the bases for the algorithm to sign or encrypt the data between the client and server.
IT Integration
As a direct result of the standardized security model, OPC UA allows for easy integration into pre-existing IT networks which limits configuration costs. OPC UA can communicate through any standard HTTP or UA TCP port. Through this standardization, OPC UA can connect securely over a VPN and through firewalls to allow seamless, remote client-to-server connectivity. As previously mentioned, OPC UA also implements standard network protocols including authentication with certification and data encryption.
Compatibility
Because of the shift in data communication technology, the OPC UA protocol is not inherently backwards compatible with Classic OPC data access (DA) models. OPC DA servers require a UA Wrapper to access UA client applications. Additionally, to access UA servers, OPC DA clients need a UA Proxy which is a DCOM EXE Server that connects to UA servers by creating COM pseudo-servers.
Figure 3 : Classic OPC COM-based Clients require a UA Proxy to communicate with UA Servers.
Figure 4 : Classic OPC COM-based Servers require UA Wrappers to interact with UA Clients.
One solution to bridge DA and UA is NI OPC Servers 2012 and later. NI OPC Servers provides an OPC UA Client Driver that can be republished through an OPC DA Server to connect to an NI OPC DA Client. In addition, NI OPC Servers includes an OPC DA client driver that can be republished through an OPC UA server to connect to an NI OPC UA Server.
Conclusion
OPC UA extends the functionalities of the original OPC model, Classic OPC, by improving upon security and migrating to a platform-independent implementation based on standard web technologies. The improvements of OPC UA overcome many of the challenges with Classic OPC, and will help to drive the adoption of this open industry standard further in the Industrial Automation area as well as other application areas that require a standard, open, and secure communication interface.
Related Resources
Supported Device & Driver Plug-in List for NI OPC Servers
Reader Comments | Submit a comment »
Legal
This tutorial (this "tutorial") was developed by National Instruments ("NI"). Although technical support of this tutorial may be made available by National Instruments, the content in this tutorial may not be completely tested and verified, and NI does not guarantee its quality in any way or that NI will continue to support this content with each new revision of related products and drivers. THIS TUTORIAL IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND AND SUBJECT TO CERTAIN RESTRICTIONS AS MORE SPECIFICALLY SET FORTH IN NI.COM'S TERMS OF USE (http://ni.com/legal/termsofuse/unitedstates/us/).