OPC Unified Architecture
OPC Unified Architecture (OPC UA) is an industrial M2M communication protocol for interoperability developed by the OPC Foundation. It is the successor to OLE for process control (OPC). Although developed by the same organization, OPC UA differs significantly from its predecessor. The Foundation's goal for this project was to provide a path forward from the original OPC communications model (namely the Microsoft Windows only process exchange COM/DCOM) to a cross-platform service-oriented architecture (SOA) for process control, while enhancing security and providing an information model.
After more than three years of specification work and another year for a prototype implementation, the first version of the Unified Architecture was released in 2006.
The current version of the specification is on 1.02.
- Frequent configuration issues with DCOM;
- No configurable time-outs;
- Microsoft Windows only;
- No control over DCOM (COM/DCOM is kind of a black box, developers have no access to sources and therefore have to deal with bugs or insufficient implementations).
These drawbacks along with a number of other considerations pushed the decision to develop a new and independent stack for OPC UA, which replaces COM/DCOM. The main characteristics of this communication stack were:
- Multi-platform implementation, including portable ANSI C, Java and .NET implementations;
- Scalability: from smart sensors and smart actuators to mainframes;
- Multi-threaded, as well as single-threaded/single-task operation—necessary for porting the stack to embedded devices;
- Security, based on new standards;
- Configurable time-outs for each service;
- Chunking of big datagrams.
This communication stack reflects the beginning of various innovations. The OPC UA architecture is a service-oriented architecture (SOA) and is based on different logical levels.
OPC Base Services are abstract method descriptions, which are protocol independent and provide the basis for OPC UA functionality. The transport layer puts these methods into a protocol, which means it serializes/deserializes the data and transmits it over the network. Two protocols are specified for this purpose. One is a binary TCP protocol, optimized for high performance and the second is Web service-oriented.
The OPC information model is a so-called Full Mesh Network based on nodes. These nodes can include any kind of meta information. Think of nodes as objects, as in object-oriented programming (OOP). This object can own attributes for read access (DA, HDA), methods that can be called (Commands), and triggered events that can be transmitted (AE, DataAccess, DataChange). Nodes hold for process data as well all other types of metadata. The OPC namespace contains the type model.
Client software can verify which Profiles a server supports. This is necessary to obtain information if a server only supports DA functionality or additionally AE, HDA, etc. Additionally, information can be obtained about whether a server supports a given profile. New and important features of OPC UA are:
- Redundancy support
- Heartbeat for connections in both directions (to indicate whether the other end is "alive"). This means that both server and client recognize interrupts.
- Buffering of data and acknowledgements of transmitted data. Lost connections don't lead to lost data anymore. Lost datagrams can be refetched.
OPC UA supports two protocols. This is visible to application programmers only via changes to the URL. The binary protocol is opc.tcp://Server and http://Server is for Web Service. Otherwise OPC UA works completely transparent to the API.
The binary protocol offers the best performance/least overhead, takes minimum resources (no XML Parser, SOAP and HTTP required, which is important for embedded devices), offers best interoperability (binary is explicitly specified and allows fewer degrees of freedom during implementation) and uses a single arbitrarily choosable TCP port for communication easing tunneling or easy enablement through a firewall.
The Web Service (SOAP) protocol is best supported from available tools, e.g., from Java or .NET environments, and is firewall-friendly, using standard http/https ports.
Binary is supported by all implementations, while only .NET implementation supports SOAP.
The OPC UA specification is a multi-part specification and consists of the following parts:
- Security Model
- Address Space Model
- Information Model
- Data Access
- Alarms and Conditions
- Historical Access
In contrast to the COM-based specifications, the UA specifications are not pure application specifications. They describe typically UA internal mechanisms, which get handled through the communication stack and are normally only of interest for those that port a stack to a specific target or those that want to implement their own UA stack.
The OPC UA application developers code against the OPC UA API and therefore mainly use API documentation. Nevertheless, part 3, 4, and 5 may be of interest for application developers.
UA communication stack
The architecture of a UA application, independent of whether it is the server or client part, is structured into the following levels.
The green parts equalize to the former COM Proxy/Stubs and get provided by the OPC Foundation. New is the portability level, which simplifies porting the UA ANSI C stack also to other target platforms. A port layer for Windows and Linux gets also provided by the OPC Foundation.
At the OPC UA DevCon in October 2006 in Munich the first prototypes were presented live. Various UA Servers have been shown on a Beckhoff programmable logic controller and an embedded test board from Euros. The Beckhoff PLC is based on Windows XP Embedded and the embedded controller is based on the real-time operating system Euros. The company Embedded Labs Ltd demonstrated an OPC-UA Server based on their own C++ UA Stack executing on a single chip ARM microcontroller with 64kB RAM. In October 2012 the German Fraunhofer-Application Center IOSB-INA and the Institute for industrial Information Technologies (inIT) shows, that an OPC-UA server is scalable downto 15 kB RAM and 10 kB ROM and therefore usable at chip level.
UA Security consists of authentication and authorization, encryption and data integrity via signatures. For Web Services the WS-SecureConversation gets used and is therefore compatible to .NET and other SOAP implementations. For the binary variant, the algorithms of WS-SecureConversation have been followed and also converted to a binary equivalent. This is named as UA Secure Conversation.
As visible on the figure above, there is also a mixed version where the code is binary but the transport layer is SOAP. This is a compromise between efficient binary coding and firewall-friendly transmission. Binary coding always requires UA Secure Conversation. The authentication uses X.509 certificates exclusively. It relies on the application developer to choose which certificate store the UA application gets bound to. For instance, it is possible to use the public key infrastructure (PKI) of an Active Directory.
OPC UA APIs
The .NET implementation uses ANSI C for the lower levels and implements the rest natively in .NET. That means only the handling of the socket and the Message-Chunking gets integrated from the ANSI C stack. De-serialization takes place directly in .NET and therefore gets converted directly into .NET structures and objects. This provides better performance than de-serializing into a C structure first and then copying the data to a .NET structure afterwards.
Various stacks for Java were being developed. Similar to .NET, there are principally three variants:
- Encapsulate the complete ANSI C stack via JNI, which complicates portability. Although the stack can be ported to different operating systems, it needs to get compiled for those individually. Also, the data needs to get copied to the JNI boundary, but benefits from the performance of C during de-serialization.
- Code directly on the network layer (similar to the current .Net implementation) and de-serialze in Java. This saves one data copy execution, but still depends on the C stack.
- Write a native Java OPC UA stack. This was observed to be the most portable, but estimated to take the most engineering effort to implement. Inductive Automation proved this concept by implementing a 100% Java stack for their Ignition platform in January 2010.
Alternatively, there is the simple variant to only support the WebService protocol. For that, a SOAP Toolkit that supports WS-Security is needed.
IEC 62541 is a standard for OPC Unified Architecture.
|IEC/TR 62541-1||02/2010||OPC Unified Architecture - Part 1: Overview and Concepts|
|IEC/TR 62541-2||02/2010||OPC Unified Architecture - Part 2: Security Model|
|IEC 62541-3||07/2010||OPC Unified Architecture - Part 3: Address Space Model|
|IEC 62541-4||10/2011||OPC Unified Architecture - Part 4: Services|
|IEC 62541-5||10/2011||OPC Unified Architecture - Part 5: Information Model|
|IEC 62541-6||10/2011||OPC Unified Architecture - Part 6: Mappings|
|IEC 62541-8||10/2011||OPC Unified Architecture - Part 8: Data Access|
- Mahnke, Wolfgang; Leitner, Stefan-Helmut OPC Unified Architecture - The future standard for communication and information modeling in automation, 3/2009 ABB Review 3/2009, page 56-61
- Leitner, Stefan-Helmut; Mahnke, Wolfgang OPC UA – Service-oriented Architecture for Industrial Applications, 11/2006 Softwaretechnik-Trends (ISSN 0720-8928)
- Massaro, Simone What is OPC UA and how does it affect your world?, 5/15/2008 planetengineering.com
- The smallest OPC-UA server
- "OPC UA Stack Written in Java--Write Once, Run Anywhere". Automation World. 1 November 2010. Retrieved 29 Dec 2012.
- Wolfgang Mahnke, Stefan-Helmut Leitner, Matthias Damm: OPC Unified Architecture. Springer Verlag 2009; ISBN 978-3-540-68898-3
- Lange, J., Iwanitz, F., Burke, T. OPC From Data Access to Unified Architecture 2010; ISBN 978-3-8007-3242-5
- OPC Foundation
- Introduction to OPC UA based on the free open62541 stack
- OPC Unified Architecture e-Book
- The OPC Programmer's Connection
- Introduction to OPC UA Address Space modeling
- OPC-UA Stack for microcontrollers
- Cross platform OPC UA development and free cross platform clients (Windows, Linux, Android, iOS)
- SDK for OPC UA (Java) and free client/server
- Ignition Native Java OPC-UA Stack
- OPC UA for Android devices
- C++ (LGPL) and pure Python (GPL) OPC UA implementations
- CECILL-C Licensed OPC UA implementation
- Open-Source OPC UA implementation in C (LGPL + static linking exception)