TechnologyJanuary 24, 2024
OPC UA technology bridges gap between IT and OT systems
The OPC UA information modeling framework turns data into information. With complete object-oriented capabilities, even the most complex multi-level structures can be modeled and extended. Industry experts weigh in on OPC UA as the interoperability standard for secure, reliable exchange of data in industrial automation.
OPC UA provides standardized solutions for important requirements such as information modelling, information exchange, cloud connectivity and asset identification. But now the scope of its published standards has expanded with a new metaverse concept and real world examples for Digital Twins in industrial automation.
For this OPC UA solutions update, the Industrial Ethernet Book reached out to industry experts to gain their perspectives on how OPC UA is continuing to move forward with a range of effective solutions for factory automation.
Integrating OT with IT
Increasing need for data acquisition and exchange in an open, interoperable manner.
According to Konstantin Selnack, Product Manager Industrial Connectivity Products at Siemens AG, the adoption of OPC UA in automation is driven on the one hand side by the increasing need for data acquisition and exchange in an open, interoperable manner across Operational Technology (OT) and Information Technology (IT), which is critical for Industry 4.0 implementations.
But also, the standard itself, with its compelling capabilities for highly sophisticated communication is driving the adoption. Continuously providing new features and involving more industrial Domains, is a convincing factor to apply OPC UA.
“In the end, these developments come together in products and solutions of the technology providers,” Selnack said. “Today, OPC UA is not only found in controllers, but also in RFID readers, network management software and even power supplies. At the same times, these products are being expanded with additional OPC UA capabilities.”
Selnack added that, first and foremost, OPC UA is the interoperability standard for industrial communication. It allows for seamless integration of different systems and devices, making it a universal language in industrial automation.
In addition, the information modeling of OPC UA provides the “grammar” which allows industrial domains to build their own semantics within Companion Specifications. The AutoID companion specification for instances, provides a standardized information model for RFID readers, allowing to seamlessly integrate a RFID reader independent from the vendor specifics.
“In a nutshell, OPC UA allows for better data management and analysis, leading to process optimization, predictive maintenance, and other Industry 4.0 use cases,” Selnack added.
“All this is based on a highly sophisticated communication standard. It is utilizing Ethernet and therefore can be adapted to any network configuration, making it a versatile solution for connecting various systems of different scale within the industrial domain. But it also provides a robust security architecture, which is essential for industrial communication. It includes features like authentication, authorization, encryption, and data integrity checks.”
The core concept of integrating OT with IT remains the primary focus, and OPC UA continues to expand its functionalities to support this integration. A significant development is OPC UA PubSub, which incorporates MQTT to facilitate the connection with cloud-based applications. By utilizing OPC UA PubSub with MQTT, these solutions offer a direct data flow to cloud and IoT platforms, facilitating advanced data analysis and better decision-making, helping enterprises to achieve greater operational efficiency or reduce downtimes and maintenance cost.
But also managing OT devices with OPC UA capabilities is getting more attention. The addition of e.g., standardized REST-interfaces, certificate management via the Global Discovery Service or device updates via OPC UA shows, that the adoption of IT technology is of big interest.
“Another area of interest is interoperability on the field level. Here, OPC UA FX has been introduced, providing an open communication standard for connection establishment and data exchange of PLCs,” Selnack said. “UAFX is therefore bringing OPC UA benefits like interoperability or built-in security to the controller level.
Engineering challenges
Selnack added that OPC UA FX is a response to the need for seamless integration between diverse controller platforms, which traditionally has been a complex and painful process for line integrators and end-users.
“UAFX helps to reduce the integration and maintenance cost in these setups by providing a standardized information model and methods to interconnect controllers with each other. It also supports the offline engineering of systems – an UAFX machine description will provide the required machine data which have to be exchanged, allowing to do the engineering upfront,” he said.
Another challenge is the realization of the increasing security requirements in operational environments. Certificate management for instance is a huge challenge and requires today a high effort. OPC UA Part 12, discovery and Global Services introduces the Global Discovery Server, which provides a framework to roll out and maintain certificates for OPC UA devices, providing a solution to this issue.
“Overall, the main challenge of data integration is being continuously addressed with a growing offering of OPC UA functionality and implementations. Thus, the evolution of OPC UA reflects the ongoing needs of the industry and provides answers to todays and tomorrow’s challenges,” Selnack concluded.
Leveraging open standards
Security features such as encryption and authentication ensure secure data communication.
Megha Agrawal, Software Product Manager at Red Lion said that the widespread use of OPC UA (Unified Architecture) is driven by its open and vendor-neutral characteristics. This ensures smooth interoperability among a variety of industrial devices.
“OPC UA offers robust security features like encryption and authentication to ensure secure data communication between various systems. HMIs and protocol converters play a critical role in the adoption of OPC UA making it a user-friendly way to control and monitor industrial processes,” Agrawal said. “They utilize OPC UA to effectively collect and showcase data from various devices, promoting a unified working environment. These devices also support multiple protocols which can provide compatibility between OPC UA and older devices that might use legacy protocols.”
Platform independence
Agrawal said that one of the key advantages of OPC UA relates to platform independence because it can run on various operating systems such as Windows, Linux, Apple, Android. It is also designed with robust security features along with high reliability and fault tolerance.
It supports redundant servers and communications paths along with historical data access to ensure seamless communication and access to past data. Additionally, OPC UA supports a wide range of data types, including complex data structures and arrays giving it the flexibility to represent diverse information in industrial processes. These features contribute to making OPC UA a widely used standard.
“OPC UA is widely used in smart manufacturing where the plant floor has various machines from different manufacturers. These machines communicate in different languages and data needs to be gathered from all these platforms and sent to a centralized location,” Agrawal added.
“Edge devices can be utilized to gather data from various machines and send it to a centralized location via OPC UA in a secure and standardized manner. The data can then be utilized to provide meaningful insights about operations to increase productivity and reduce downtime. These solutions contribute to IoT and enterprise connectivity by providing a standardized, secure, and scalable communication framework.”
Increased adoption of OPC UA
Standardized solution to provide automation devices new firmware or software across manufacturers.
Arno Martin Fast, B.Eng., Senior Specialist, PLCnext Technology and Business Area Industry Management and Automation for Phoenix Contact said that technology solutions are driving the adoption of OPC UA automation, control and networking.
“One major advance is the ability to carry out software updates via OPC UA. Here, users benefit from the standardized solution to provide automation devices with new firmware or software across manufacturers, which enable new functions or close known security vulnerabilities,” Fast told IEB recently.
“Another aspect is the distribution and updating of OPC UA certificates with the OPC UA Global Discovery Server (GDS). This makes it much easier to handle and manage own certificates for OPC UA communication, which increases acceptance during implementation.”
Fast added that networking for automation technology without taking cyber security into account would be very negligent in today’s world.
“Secure networking in automation is essential, especially in areas of critical infrastructure, but also in all other areas in which automation technology is used. With OPC UA, the networking of devices can be secure and certificate-based, so that unwanted communication with a potentially dangerous attacker is not possible,” he said. “A defined expiring date for the certificates required for communication and the ability to revoke certain certificates in the event of danger are basic requirements for managing communication in automation technology. The OPC UA GDS as a standardized solution for managing certificates offers a great advantage here.”
IoT and enterprise connectivity
He added that the solutions mentioned above are aimed at applications that often consist of widely distributed applications, i.e. where communication to or between automation devices takes place over long distances. In these applications, the requirements for secure communication and secure automation components are very high. The secure and automated updating of automation components minimizes the risks of cyberattacks. With the certificate-based communication of OPC UA, IoT applications can be implemented with a high level of security.
In the case of locally distributed applications or if the automation devices are installed in a location that is difficult to access, it takes a lot of time and effort for users to update these devices with new software or firmware. Each device must be managed individually at the installation site or temporarily secure communication channels (such as VPN) must be configured.
“Thanks to OPC UA with the GDS and the software update model, these tasks can be solved centrally. A central OPC UA client can be used to securely update the software of the automation devices. I am curious to see what possibilities future developments of OPC UA, such as OPC UA over REST, will offer for a standardized device management and software updates on other levels,” Fast said.
Seamless data exchange
Expanding to address OT communication for effective edge computing.
“We consider the combination of an open, flexible information model, a security framework based on widely accepted robust mechanisms, the platform independence and the integration of real-time capabilities using Publish/Subscribe and TSN (time-sensitive networking) as the key technology solution for automation and control, including the network layer,” Georg Stöger, Director Training & Consulting at TTTech Industrial said recently.
“This combination fosters connectivity and data exchange in a secure and scalable manner while supporting the requirements of OT/edge applications such as control and real-time data acquisition, supporting the integration of disparate devices and systems in industrial environments.”
Stöger said that OPC UA based solutions are using the standardized information model, which provides open, vendor independent interoperability. OPC UA enables the integration of legacy systems into a wider ecosystem which provides flexibility and scalability beyond these systems’ original scope.
OPC UA solutions
“OPC UA is highly relevant for solutions in quite diverse, well established industries including manufacturing, energy, and in novel applications such as smart cities,” Stöger said. “IoT is a key aspect in all of these because cloud connectivity and computation are essential; enterprise connectivity is ensured by standardized communication framework. OPC UA facilitates seamless data exchange between devices and systems, enabling the creation of interconnected ecosystems. This contributes to the development of smart, data-driven enterprises with improved visibility and control over industrial processes.”
Stöger added that the major engineering challenges for IoT architectures revolve around data integration, interoperability, IT/OT integration, and cybersecurity. These challenges are well addressed by the flexible and scalable information model, standardized communication protocols, and the set of security measures defined by OPC UA.
“By incorporating features for Time-Sensitive Networking (TSN) for real-time communication, OPC UA is expanding its scope to address OT communication in edge computing. This evolution ensures OPC UA remains a key enabler for Industry 4.0 initiatives,” he said.
Impact of OPC UAFX
Provides data model, protocol stack and key networking technologies including security.
According to Maik Seewald, Member of IEC and ISA99 industrial security workgroups and Senior Technical Lead, Industrial IoT at Cisco, until recently, OPC UA has been a technology to support solutions and use cases in industrial automation, infrastructure monitoring, energy management, and other domains. The client/server mechanism allows it to fetch data from devices used for SCADA and other monitoring applications in an interoperable and multi-vendor way using a built-in information model as well as integrated security mechanisms.
“With OPC UAFX (initially Field Level Communication), the Publish/Subscribe mechanism and the underlying Time-Sensitive Networking (TSN) capabilities, OPC UA provides the technologies for a broad variety of use cases, often described as ‘from the sensor to the cloud’. This includes applications for Industrial IoT and for Machine-to-Machine communication meeting the essential requirements for predictive maintenance, agile manufacturing, use of AI/ML, digital twins, or the use of virtualized control hosted in a cloud-based infrastructure. These applications are key features of the Industry 4.0 initiative which refers in many places to OPC UA,” Seewald said.
He added that the continuous drive to standardize how data from industrial automation and control systems, devices and machines is generated, exchanged, and understood is critical to enabling Industry 4.0 capabilities. This is possible because standard networking technologies, such as Ethernet for wired networks, Wi-Fi & 5G for wireless, and security technologies, make the OPC UA data reliable and accessible in a secure manner. This “virtuous cycle” of making more data available reliably and securely will continue to grow and expand as more improvements in sustainability, performance, and quality in industrial systems is delivered via Industry 4.0 capabilities.
Key technical advantages
“With initiatives and trends such as Industry 4.0 or Digital Factory, system and networking paradigms are changing from a static automation pyramid model to an automation network being part of a cyber physical system,” Seewald said. “OPC UAFX provides the data model, the protocol stack and the networking technologies including security for this important evolution, in enabling flexible and secure access to devices and data over a fully converged network. This enables innovation and new use cases that allow much higher flexibility and productivity. The interoperability OPC UA delivers, along with deterministic features based on Time-Sensitive Networking (TSN), allows agility regarding workflows and components (plug and produce) in an advanced automation network.”
He went on to say that Industrial IoT (IIoT) is a key application area where solutions based on OPC UAFX can help to enable secure access to data and devices over a variety of physical layers such as Ethernet, Wi-Fi, 5G, or Single-Pair Ethernet. Such applications are needed in industrial and process automation, energy automation or in the oil & gas domain. Furthermore, OPC UAFX provides the technical capabilities to support essential use cases such as Controller-to-Controller, Controller-to-Device (e.g. synchronization of axes) or Device-to-compute (Cloud-based Controller) along with precise time synchronization. Such characteristics make OPC UAFX an alternative to existing field-bus technologies but with inherent interoperability and security that are needed to meet requirements for ubiquitous access to devices over a converged network.
Engineering challenges
“Challenges in engineering have been the limitation of existing technologies and protocols regarding applicability to new use cases as well as of missing interoperability,” Seewald added. “Such technologies were often designed to meet the requirements for a fixed set of application scenarios (e.g. controller to device) often within a single layer or between two layers of the automation pyramid. Gateways are needed to cross domains and layers which prevents real end-to-end connectivity.”
“Furthermore, they were typically designed for a particular protocol stack and physical layer. Scope and architecture of OPC UAFX addresses interoperability over a variety of technologies (wired, wireless) using standardized networking and security technologies as a key design goal. A strict layering and separation of concerns allows deterministic data exchange over a converged industrial network.”