OPC UA (OPC Unified Architecture) is a platform-independent, service-oriented, open, and secure communication architecture. It enables interoperability of industrial automation devices, systems, and software applications from different vendors. The OPC UA information model defines the codes and formats for exchanging data using various transport protocols.
The same foundation developed OPC UA and its predecessor, Open Platform Communications (OPC), but they are significantly different. The foundation continues to develop OPC UA to create an architecture that is more desirable than the original OPC communications and more in line with the needs of evolving industrial automation.
The OPC Foundation released the first version of the OPC UA specification in 2006, and as of today, OPC UA is at version 1.05. In addition to the Client-Server (Subscriptions) model, OPC UA includes a Pub-Sub mechanism, which allows pushing JSON-encoded messages (or messages in the standard-defined binary encoding, UADP) over the UDP, MQTT, or AMQP protocol.
Through the fast, secure, and reliable transport channel provided by the MQTT protocol, OPC UA can directly use the internet for data transfer while retaining the key benefits of OPC UA’s end-to-end security and standardized data modeling.
Features of OPC UA
- Functional equivalence – All OPC Classic specifications map to the UA, and the OPC UA includes the DA, A&E, and HDA functionality found in OPC Classic:
  - Find available OPC servers on your local PC and/or network
  - All data is represented hierarchically (e.g. files and folders), allowing OPC clients to discover and utilize simple and complex data structures
  - Read and write data/information based on access rights
  - Monitor data/information and report exceptions when values change beyond the client’s settings
  - Client-based settings notify important information
  - Clients can execute programs based on methods defined on the server, etc.
- Security – Message encryption, authentication, and auditing. Security is one of the most important considerations for an organization when choosing a technology standard. OPC UA addresses security by providing a set of controls when passing through firewalls:
  - A number of protocols are defined, providing options such as ultra-fast OPC binary transfers or the more general SOAP-HTTPS
  - Information is transmitted securely with 128-bit or 256-bit encryption levels
  - The signature must be identical when the message is received as when it is sent
  - Sequencing of data packages: identified message replay attacks are eliminated through sequencing
  - Each UA client and server is identified by an OpenSSL certificate, which provides control over how applications and systems connect to each other
  - Applications can require user authentication (login credentials, certificates, etc.) and can further restrict or enhance user access to permissions and address space “views”
  - Logging of user and/or system activity to provide an access audit trail
- Comprehensive Information Modelling: The OPC UA Information Modeling Framework, used to define complex information, converts data into information. It allows modeling and extending even the most complex multi-level structures through fully object-oriented functionality, with the capability to define data types and structures in configuration files.
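The signing and sequencing controls listed under Security above, as an added example (not code from the original page or from the OPC Foundation): a receiver that rejects a frame whose signature no longer matches what was sent and a frame whose sequence number was already accepted. The frame layout, the choice of HMAC-SHA256, and the names `seal`, `Receiver` and `demo` are assumptions for illustration; this is not the OPC UA wire format.

```python
import hashlib
import hmac
import struct

# Simplified frame, NOT the OPC UA wire format: 4-byte big-endian sequence
# number, payload, then an HMAC-SHA256 signature over both (assumed algorithm).
SIG_LEN = hashlib.sha256().digest_size

def seal(key, seq, payload):
    """Sender: prefix the sequence number, append the signature."""
    body = struct.pack(">I", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    """Accepts a frame only if the signature matches what was sent and the
    sequence number is higher than the last one accepted."""

    def __init__(self, key):
        self.key = key
        self.last_seq = 0

    def accept(self, frame):
        if len(frame) < 4 + SIG_LEN:
            return ("rejected", "truncated")
        body, sig = frame[:-SIG_LEN], frame[-SIG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Verify first, in constant time, before trusting any field.
        if not hmac.compare_digest(sig, expected):
            return ("rejected", "bad signature")
        (seq,) = struct.unpack(">I", body[:4])
        if seq <= self.last_seq:
            return ("rejected", "replayed or out of order")
        self.last_seq = seq
        return ("accepted", body[4:])

def demo():
    key = b"constructed-demo-key"            # constructed sample key
    rx = Receiver(key)
    first = seal(key, 1, b"Temperature=21.5")
    second = seal(key, 2, b"Temperature=21.7")
    tampered = bytearray(seal(key, 3, b"Valve=closed"))
    tampered[5] ^= 0x01                      # one payload bit changed in transit
    return [rx.accept(first), rx.accept(second),
            rx.accept(first),                # earlier frame sent a second time
            rx.accept(bytes(tampered))]
```

The signature is checked before the sequence number is read, so a forged frame cannot advance `last_seq` and lock out genuine traffic.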
Information Model for OPC UA
The OPC UA information model, the address space, is a network of nodes and references forming a structured graph.
Objects in a standard form are represented in the address space, where model elements are called nodes. The address space represents objects and their components as a collection of nodes, described by attributes and connected by references. OPC UA modeling is all about creating nodes and references between nodes.
OPC UA uses objects as the basis for representing data and activities in the processing system. Variables, events, and methods are interconnected by reference within objects.
- Attributes describe nodes, and different node classes have different sets of attributes. Attributes are defined as part of the node class definition, so the attribute definitions are not themselves included in the address space.
- A Reference represents a relationship between nodes. A reference is defined by an instance of a reference type node that exists in the address space.
- Generic properties of the node model
The source node is the node containing the reference, and the target node is the referenced node. The target node can be in the same address space as the source node or in the address space of another OPC server, or it may not exist at all.
The most important node categories in OPC UA are objects, variables, and methods.
- Object nodes: Users use object nodes to form address spaces, and these nodes do not contain data. They use variables to expose values for objects. Users can use object nodes to group management objects, variables, or methods; variables and methods always belong to an object.
- Variable node: A variable node represents a value. The data type of the value depends on the variable. The client can read, write, and subscribe to the value.
- Method node: A method node represents a method in the server that the client calls to receive a result. The input parameters and the output result are in the form of variables as part of the method node. The client specifies the input parameters and gets the output result after the call.
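The node-and-reference model described above, as an added example (not code from the original page or from any OPC UA SDK): a small in-memory address space with Object, Variable and Method nodes, a browse that classifies each reference target as local, remote or missing, and a write that honours access rights. The class names, the node ids, the server URL and the modelling of `AccessLevel` as a set of strings are all assumptions for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Node:
    node_id: str
    node_class: str                                  # "Object", "Variable" or "Method"
    attributes: dict = field(default_factory=dict)
    references: list = field(default_factory=list)   # (ref_type, target, server)

class AddressSpace:
    def __init__(self):
        self.nodes = {}

    def add(self, node_id, node_class, **attributes):
        self.nodes[node_id] = Node(node_id, node_class, attributes)

    def link(self, source, ref_type, target, server="local"):
        # The target is not checked: it may be on another server or not exist.
        self.nodes[source].references.append((ref_type, target, server))

    def browse(self, source):
        result = []
        for ref_type, target, server in self.nodes[source].references:
            if server != "local":
                status = "remote"        # target is in another address space
            else:
                found = self.nodes.get(target)
                status = found.node_class if found is not None else "missing"
            result.append((ref_type, target, status))
        return result

    def write(self, node_id, value):
        node = self.nodes[node_id]
        writable = "write" in node.attributes.get("AccessLevel", ())
        if node.node_class != "Variable" or not writable:
            raise PermissionError(f"{node_id} is not a writable Variable")
        node.attributes["Value"] = value

def build_demo():
    # Constructed sample: one pump object and the nodes it references.
    space = AddressSpace()
    space.add("Pump1", "Object")
    space.add("Pump1.Speed", "Variable", Value=1450, AccessLevel={"read"})
    space.add("Pump1.Setpoint", "Variable", Value=1500, AccessLevel={"read", "write"})
    space.add("Pump1.Start", "Method")
    for target in ("Pump1.Speed", "Pump1.Setpoint", "Pump1.Start", "Pump1.Removed"):
        space.link("Pump1", "HasComponent", target)
    space.link("Pump1", "Organizes", "Tank7", server="opc.tcp://other-server.example")
    return space
```

A client walking this graph has to treat `missing` and `remote` targets as normal outcomes of a browse rather than as errors, since the model permits both.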
Why Bridge OPC UA to MQTT?
MQTT is a lightweight, efficient, and reliable messaging protocol for IoT, using a publish-and-subscribe model to support real-time communication. MQTT is well-suited for resource-constrained environments, especially scenarios requiring efficient power and bandwidth use.
Built on MQTT 3.1.1, SparkplugB ensures flexible, efficient basic data modeling for industrial IoT through an industry-established specification. SparkplugB achieves strong interoperability and network state awareness, thanks to MQTT’s excellent design.
OPC UA and MQTT have a certain degree of functionality overlap, but their usage scenarios are very different:
- OPC UA facilitates seamless communication among diverse equipment and systems in the industry by using a standardized language.
- MQTT efficiently handles real-time sensor data over the Internet, addressing low bandwidth and unreliable network conditions in IoT applications. Its publish/subscribe mechanism offers remarkable flexibility in usage.
In industrial scenarios, MQTT excels at messaging in distributed systems, while OPC UA focuses on providing interoperability. OPC UA abstracts and aggregates business data, and MQTT facilitates seamless, distributed data exchange with its strong connectivity capabilities.
OPC UA over MQTT
The Pub-Sub model proposed by the OPC Foundation in the latest specification of OPC UA allows data changes to be pushed to subscribers using the MQTT Broker.
Pub-Sub security is a bit more complex than in the client/server model, and the specification is not as detailed. In an MQTT network, security is based on SSL/TLS, and the broker can define application-level authentication in addition to enabling SSL/TLS for transport.
In principle, these security models are all or nothing for every subscriber and publisher that can join the network. The standardization of OPC UA is still in progress, and it remains unclear how best to map the rich OPC UA information model to MQTT.