Upload
others
View
4
Download
0
Embed Size (px)
Citation preview
OPC Seminar Tour 2018
Base ConceptsSam De Key (郭文哲)
OPC(中国) 首席技术官
美国国家仪器(NI) 上海研发中心总经理
Uwe Steinkrauss
OPC Unified Architecture
OPC UA Base Concepts – Information Model & Base Services
OPC UA Transports – Client/Server & Pub/Sub
OPC UA Security – Transport & Application Layer
OPC UA Scalability – Profiles & Conformance Units
OPC UA Utilities – LDS, LDSme & GDS
OPC Unified Architecture
Definition 2003 – 2006 Verification and Implementation 2006 – 2008 Final OPC Foundation Release 2009 IEC 62541 Release 2010 – 2012
OPC UA = established OPC features+ Platform independence+ Standard internet and IP based protocols+ Built in security features+ Generic object model+ Extensible type system+ Scalability through profiles+ Migration path from Classic OPC
Expose Data
Device
Consume Data
System
OPC Unified Architecture
Information Model
OPC UA Meta Model
Built-In Information Models
Companion Information Models
Vendor Specific Extensions
OPC UA = Information Centric Layered Architecture Basic rules for exposing information with OPC UA Generic Object Model, extendabel Type System Built-In Models for:◦ Data Access◦ Alarms Conditions◦ Historic Data & Events◦ Programs◦ Device Description
OPC UA = Information Centric Layered Architecture Basic rules for exposing information with OPC UA Generic Object Model, extendabel Type System Built-In Models for:◦ Data Access◦ Alarms Conditions◦ Historic Data & Events◦ Programs◦ Device Description
OPC UA = Information Centric Layered Architecture Basic rules for exposing information with OPC UA Generic Object Model, extendabel Type System Built-In Models for:◦ Data Access◦ Alarms Conditions◦ Historic Data & Events◦ Programs◦ Device Description
OPC UA = Information Centric Layered Architecture Basic rules for exposing information with OPC UA Generic Object Model, extendabel Type System Built-In Models for:◦ Data Access◦ Alarms Conditions◦ Historic Data & Events◦ Programs◦ Device Description
OPC UA = Information Centric Layered Architecture Basic rules for exposing information with OPC UA Generic Object Model, extendabel Type System Built-In Models for:◦ Data Access◦ Alarms Conditions◦ Historic Data & Events◦ Programs◦ Device Description
OPC Unified Architecture
Everything in the UA Address Space is a Node
UA defines a none extensible list of 8 Node Classes
BaseNode+NodeId : NodeId+NodeClass : NodeClass+BrowseName : QualifiedName+DisplayName : LocalizedText+Description : LocalizedText
Object+EventNotifier : Byte
ReferenceType+IsAbstract : Boolean+Symmetric : Boolean+InverseName : LocalizedText
View+ContainsNoLoops : Boolean+EventNotifier : Byte
ObjectType+IsAbstract : Boolean
Variable+Value+DataType : NodeId+ValueRank : Int32+ArrayDimensions : Int32+AccessLevel : Byte+UserAccessLevel : Byte+MinimumSampleInterval : Int32+Historizing : Boolean
VariableType+Value+DataType : NodeId+ArraySize : Int32+IsAbstract : Boolean
Method+Executable : Boolean+UserExecutable : Boolean
DataType+IsAbstract : Boolean
Each Node Class has a defined set of Attributes
Nodes are connected by References
OPC Unified Architecture
AnalogMeasurementType is part of Built-In DataAccess Model
Object Type AnalogMeasurement
BaseObjectType
ObjectTypes
Organizes
AnalogMeasurement Measurement InstrumentRange
EURange
EngineeringUnits
H_Level
HH_Level
LL_Level
L_Level
SystemAlarm
LevelAlarm
ObjectTypeObject
Variable
OPC Unified Architecture
Object Instance AnalogMeasurement
Object Type AnalogMeasurement
Objects
Preasure
H_Level
HH_Level
LL_Level
L_Level
BaseObjectType
ObjectTypes
Organizes
AnalogMeasurement Measurement InstrumentRange
EURange
EngineeringUnits
Measurement InstrumentRange
EURange
EngineeringUnits
SystemAlarm
LevelAlarm
H_Level
HH_Level
LL_Level
L_Level
SystemAlarm
LevelAlarm
Temperature_1
Temperature_2
OPC Unified Architecture
OPC Foundation collaborates with organizations and domain experts OPC UA defines HOW Domain experts define WHAT◦ PLCopen ◦ FDI, FDT ◦ BACnet ◦ MDIS◦ ISA95◦ AutomationML◦ MTConnect◦ IEC 61850/61400 and more coming OPC UA Meta Model
Built-In Information Models
Companion Information Models
Vendor Specific Extensions
OPC Unified Architecture
OPC UA Client/Server Communication Model Client-friendly API to access information in the server 36 Services Request/Response ◦ SecureChannel Service Set ◦ Session Service Set ◦ NodeManagement Service Set ◦ Attribute Service Set (read/write)◦ Method Service Set (invoke)◦ MonitoredItem Service Set ◦ Subscription Service Set
Client-Server
OPC UA Meta Model
Built-In Information Models
Companion Information Models
Vendor Specific Extensions
Services
OPC Unified Architecture
OPC UA Base Concepts – Information Model & Base Services
OPC UA Transports – Client/Server & Pub/Sub
OPC UA Security – Transport & Application Layer
OPC UA Scalability – Profiles & Conformance Units
OPC UA Utilities – LDS, LDSme & GDS
OPC Unified Architecture
Service Oriented Architecture – Request-Response UA TCP (mandatory)◦ Binary Encoding ◦ UA TCP Transport
Webservice (deprecated)◦ XML Encoding ◦ HTTP/HTTPS Transport
Hybrid (optional)◦ Binary Encoding◦ TLS Transport OPC UA Meta Model
Built-In Information Models
Companion Information Models
Vendor Specific Extensions
Client-Server
Services
Protocols
OPC Unified Architecture
IANA: 4840 Firewall-friendly
UA Binary= mandatory
Message Security Transport Security
[graphic: copyright ascolab GmbH]
OPC Unified Architecture
TCP based Request/Response◦ Connection/session context required (peer-
to-peer)◦ Save transport, acknowledgement of every
message ◦ Late polling for “DataChange”, keep alive ◦ „Private” subscription for each client◦ Higher resource consumption when many
connections (>500)◦ Use Case: huge amount of flexible data
Server
ClientClient
Client
Server
OPC Unified Architecture
UDP based Pub/Sub◦ Connection-less, broadcast-style
communication◦ Fire and forget transportation (data loss)◦ “Public” subscription, same data for all
clients◦ Low resource consumption many
subscribers (>1000) for same data◦ Cyclic publish of “all” data (deterministic
via TSN)◦ Use Case: small amount of fixed data
Publisher
Subscriber
Broker
Publisher
Subscriber
Additional Use Cases !
OPC Unified Architecture
Utility Type Specification Parts
Part 13 - Aggregates
Part 12 - Discovery
Part 14 – Pub/Sub
Released February 2018
v1.04
OPC Unified Architecture
OPC UA Pub/Sub Communication Model (Part 14, v1.04) Generic Pub/Sub Information Model Pub/Sub Configuration◦ Connections◦ Meta Data (description)◦ Data Sets (content)
Security Configuration◦ Groups◦ Keys
OPC UA Meta Model
Built-In Information Models
Companion Information Models
Vendor Specific Extensions
Client-Server
Services
Protocols
Pub-Sub
Model
Extension, but no change to existing !
OPC Unified Architecture
Message Oriented - Publish/Subscribe pattern Different Use Cases: one-to-many, Cloud, determinism Different Protocols◦ UADP over UDP (mandatory)◦ AMQP, MQTT (optional)◦ UADP over TSN (optional)
pre-configured data content formsmessage for certain use cases
OPC UA Meta Model
Built-In Information Models
Companion Information Models
Vendor Specific Extensions
Client-Server
Services
Protocols
Pub-Sub
Model
Prot
ocol
s
OPC Unified Architecture
OPC UA specific selection of events or life data to be included in messages
Network Message
Writer
OPC UA Server’s
Information Space
Filtered List of Values
DataSetCollector
Different Encoding Options
UADP
AMQP
MQTTJSON
UA BinaryDataSetWriter
fValues
Events
DataSetMetaData ----
--------
Network Message
Messaging protocol specific encoding and transport
Different protocols can be supported e.g. AMQP, MQTT
OPC Unified Architecture
deterministic
Information Model
configuration Client/Server
Publ
ish/
Subs
crib
e
Device / Data
acyclic
controller-controllerOPC UA
Device
on demand
read/write/browse/invoke/notify
UA Client Cloud
Broker
cyclic
controller-controllermeta data security
redundancy file transfer
events historical
TSN
Request/Response
Publish/Subscribe
OPC Unified Architecture
TSN – Deterministic Layer 2 Infrastructure
OPC Unified Architecture
TSN – Central vs. Decentral Configration
OPC Unified Architecture
OPC UA Base Concepts – Information Model & Base Services
OPC UA Transports – Client/Server & Pub/Sub
OPC UA Security – Transport & Application Layer
OPC UA Scalability – Profiles & Conformance Units
OPC UA Utilities – LDS, LDSme & GDS
OPC Unified Architecture
Client/Server Security (layered architecture)◦ PKI and asymmetric algorithms to exchange session keys◦ Session keys are used for communication with symmetric algorithms◦ Session keys are frequently rotated◦ Authentication of Applications◦ Authentication of Users◦ User/Role based Authorization◦ Auditing relevant operations◦ Availability
Security for both Communications
[gra
phic
: cop
yrig
ht a
scol
ab G
mbH
]
Client ServerSrv--------
Cli--------
storestore
X509
X509
OPC Unified Architecture
Pub/Sub Security (end-to-end)◦ Session keys must be shared between Publishers and Subscribers◦ Keys are managed for a security group◦ Messages are sent in the context of a security group◦ Key distribution is done with OPC UA Client-Server security◦ Authentication and Authorization during access to security group
at key server
MessageOriented
Midleware
DirectoryQuery
Publisher SubscriberSubscriberSubscriberKey
Server
KeyServer
Register
GetKeyGetKey
OPC Unified Architecture
OPC UA Base Concepts – Information Model & Base Services
OPC UA Transports – Client/Server & Pub/Sub
OPC UA Security – Transport & Application Layer
OPC UA Scalability – Profiles & Conformance Units
OPC UA Utilities – LDS, LDSme & GDS
OPC Unified Architecture
Profile
Conformance Unit◦ Represents specific feature◦ Defines a list of test cases for the feature
Profile◦ Named grouping of features◦ Full Featured
Combination of Profiles and Conformance Units that can be used stand alone
◦ Facet Profile that can be used only in combination with other Profiles
Certification Test◦ Vendor defines list of supported Profiles◦ Certification Test executes test cases ◦ End users can rely on tested Profiles
Conformance Unit
Conformance Unit
TestCases
TestCases
Certification Test
OPC Unified Architecture
Standard UA ServerAddress Space Data Access
Security Binary Protocol
Event SubscriptionServer Facet
Method Server Facet
Alarms & Conditions
His
toric
al A
cces
s
Com
plex
Dat
a
Red
unda
ncy
Dev
ice
Inte
grat
ion
PLC
open
Full Featured Profile
Facets building on top of Full Featured Profile
Pub/
Sub
Prof
iles
unde
r con
stru
ctio
n
OPC Unified Architecture
http://www.opcfoundation.org/profilereporting
OPC Unified Architecture
OPC UA Base Concepts – Information Model & Base Services
OPC UA Transports – Client/Server & Pub/Sub
OPC UA Security – Transport & Application Layer
OPC UA Scalability – Profiles & Conformance Units
OPC UA Utilities – LDS, LDSme & GDS
OPC Unified Architecture
PLC PC
OPC UA Client
OPC UA Client
OPC UA Client
OPC UA Server
OPC UA Server
LDSOPC UA Server
LDS
Discovery with LDS:-Network nodes with OPC UA server must be known-Servers register with local LDS or have LDS included-LDS is running on defined port (4840)-LDS provides Server and Endpoint Discovery for local network node-Manual security configuration
Register
OPC Unified Architecture
PLC PC
OPC UA Client
OPC UA Client
OPC UA Client
OPC UA Server
OPC UA Server
LDS-MEOPC UA Server
Features provided:-Host name resolution without central DNS server-Find network nodes with OPC UA in local network
Advantage:-No central infrastructure required
Limitation:-Works only in local subnet
ZeroconfmDNS
LDS-MELDS-MELDS-ME
OPC Unified Architecture
PLC PC
OPC UA Client
OPC UA Client
OPC UA Client
OPC UA Server
OPC UA Server
LDSOPC UA Server
LDS
Central ServerGDS (Port:4840)
Pull / PushCertificates
CertificateAuthority (CA)
List of registered UA Servers
GDS Features:-Certificate creation / management-Certificate Authority (CA)-Management of Certificate Revocation Lists (CRL)-Push / Pull of Certificates / CRL-Network wide server registry - Security Config
- Register Server
- Security Config- Find Servers
- Certificate Rollout- Plant wide central security management
OPC Unified Architecture
OPC UA – communication platform for information models (HOW)
Domain experts define information models (WHAT)
Protocol Agnostic – Transport depends on Use Case
Security built into Architecture (managed by GDS)
Scales for all Application Scenarios in IoT and i4.0
Client-Server extended with Publish-Subscribe
OPC Unified Architecture
Innovation v1.04 2018/19 in Progress 2020 Vision
Pub/Sub JSON Web Token Reverse Connectvity SessionLess Services Security SHA256
Deterministic UA (TSN) Cloud Relay Topic-based Pub/Sub Relate Semantic Models
Transactions (config) MetaData to Cloud Harmonization (Level A) Deterministic UA 5G
OPC UA – Technical Roadmap
OPC Unified Architecture
Sam De Key (郭文哲)
OPC(中国) 首席技术官
美国国家仪器(NI) 上海研发中心总经理
Uwe Steinkrauss