opc foundation and indusoft
DESCRIPTION
PresentTRANSCRIPT
OPC Technology & The Futurewith OPC Unified Architecture
Nathan PocockDirector, Certification & [email protected]
OPC FoundationThe interoperability standard for industrial automation & related domains
About the OPC Foundation
• An independent, non-profit organization founded in 1995.
• Developers of worldwide industry standards for multi-vendor interoperability and data transfer of information.
• OPC specifications are defined by volunteers from over 450 members worldwide and are also available as IEC standards.
• Extensive adoption from manufacturers and solution-providers in factory and process automation.
• Future-thinking technology that provides platform-independent connectivity of devices, systems, networks, and enterprise computing solutions.
Important Demographics
China; 12; 3%
Europe; 213; 48%
Japan; 28; 6%
North America, 152, 35%
Other; 36; 8%
ChinaEuropeJapanNorth AmericaOther
Key OPC technology markets:
– Industrial Automation
– Building Automation
– Embedded Devices
– Energy Management(Smart Grid)
– Manufacturing Enterprise Management
– Cloud-based Computing
– M2M
– And many more ….
Membership Markets
Evangelism & Worldwide Events
Promoting Awareness: • Seminars• Trade-shows• Media
Education:• Developer Workshops• Interoperability Workshops
HMI #AModbus Profibus
Profinet DH+
FF CIP
EGD Bacnet
DNP SNMP
TSAA AS511
UDC Others…
History: The “original problem”
Before OPC With OPC
HMI #BModbus Profibus
Profinet DH+
FF CIP
EGD Bacnet
DNP SNMP
TSAA AS511
UDC Others…
DCS ControllerPLC
HMI #A
OPC
HMI #B
OPC
DCS ControllerPLC
OPC ServerModbus Profinet DH+ Bacnet Others…
OPC Clients
OPC Server
Features Provided By OPC
• Discover OPC Servers on the network/PC
• View the tags available in the server
• Tags could be grouped into a hierarchy
• Read one or more tags
• Write to one or more tags
• Subscribe to tags and receive value-change notifications
• Easily identify good/bad data
• Clients can be completely agnostic to the underlying PLC, protocol, and addressing scheme
• Easy configuration possible by simply pointing + clicking
• Reading and writing to tags is much easier than memorizing a PLC address
• Optimized traffic on the wire thanks to a highly-efficient subscription model.
– Adding more clients does not necessarily add more overhead.
Features Benefits
History: Technology evolved…
7
• Over time, other problems needed solving and new OPC technology standards emerged:Problem Solution
How to let OPC solve more problems “OPC” re-branded: Data Access
More capabilities needed in Data Access OPC Data Access 1.0, 2.05a, 3.0
Need to store real-time values OPC Historical Data Access
Need to standardize Alarm Notifications OPC Alarms & Conditions
Need to standardize data acquisition via internet OPC XML-DA
Need to allow PLC-to-PLC communications OPC Data eXchange
Need to secure access to servers/tags OPC Security
Need to standardize batch-process operations OPC Batch
Need to standardize a simple PLC program OPC Program
Benefits From OPC Adoption
• Vendors were no longer required to maintain extensive device protocol libraries
• High-quality and affordable device-drivers (Servers) emerged
• More specialized Clients emerged
• Developer toolkits emerged for rapid development of custom applications that could also integrate with the OPC infrastructure
• End-users could mix-and-match numerous vendor products to achieve the best overall solution
Achieving Vendor Interoperability
• Compliance program to help vendors develop compliant products
• Test Tools available to members
• Interoperability workshops
• Certification program
• Certified products are tested in a sanctioned & independent Test Lab
• Rules of certification governed by the Compliance Working Group – open to members
• Certification testing includes:
– Compliance to OPC specifications
– Interoperability with other vendor products
– Robustness & recovery
– Usability (interface, document etc.)
– Resource efficiency (36hr load-testing)
Compliance Certification Program
Award of OPC Certification
History: Integration Difficulties
• Each OPC Specification solved a unique problem
• Each OPC Specification was its own self-contained solution
• No “true” integration between OPC technologies
• Development effort doubled.. Tripled.. quadrupled etc.
• Development somewhat eased by Microsoft’s COM/DCOM platform
OPC Application
OPC Application
DA
DA
HDA
HDA
A&E
A&E
XMLDA
XMLDA
Batch
Batch
DX
DX
Security
Security
OPC Adapts to NEW Challenges
• Integrate existing technologies• Provide platform-independence• Extensibility, for newer technology
profiles and specifications• Work online, remain secure:
– Resist remote attacks
– Protect valuable data
– Audit logs (who did what)
• Be compatible with OPC Classic• Stay FAST• Provide MORE diagnostics.• Be easy! No more DCOM!
• Re-design OPC technology implementation:
– Model a framework incorporating all existing specifications
– Use standard platforms not tied to a vendor, e.g. TCP/IP, openSSL etc.
– Use standard security tools for certificates and encryption
• “Unified Architecture” born!
Challenge Solution
OPC UA: Feature Summary
• Incorporates ALL of the OPC Classic specifications into one cohesive standard:DA, HDA, A&E, DX, XMLDA, Batch, Security, Program etc.
• Vendors that support one technology, e.g. DA, will be able to very quickly and easily add others, e.g. A&E, HDA, Programs etc.
• Provides backwards compatibility with OPC Classic via Proxy/Gateway components.
• Achieves other goals for security, platform-independence, performance, and growth.
• Vendor products can now quickly and easily be expanded over time to incorporate newer features and capabilities at minimal cost.
• Everything you know about OPC Classic is the same in UA!
OPC UA: Extensibility
14
OPC UA: Platform Independence
OPC UA
microchip
Desktop PC
iPhonePLC/Controller
Laptop
Enterprise Servers
Tablet
CE
OPC UA: Security (channel)
• Each UA application is uniquely identified with an x509 certificate
• Each UA application can be configured to trust specific apps
• Only TRUSTED Clients can connect to your valuable Servers
• The connection can be:
• Insecure: for isolated networks and maximum performance
• Encrypted with standard algorithms (RSA, SHA1) offering 128, 256, 512, 1024, 2048 bit ciphering etc.
• Each UA message/packet is:
• Signed, to prevent tampering
• Sequenced to eliminate message-replay, injection, and detect lost messages
UA Server
x509X509
Trust List
UA ClientX509Trust List
x509
Client:“here’s my x509, can I connect?”
Server:“I trust you, here’s my x509…”
Client:“I trust you too”
OPC UA Security: Authentication
• Only the RIGHT people need access to your systems/data.
• Users can be identified via:
– Anonymous (no security)
– Login name and password
– X509 certificate
– Kerberos
– Other?
• Restrict user access to data
• You can log ALL activities
I can prove who I am
I can’t see through the encryption let alone
guess credentials
Unified Architecture Summary
• OPC Unified Architecture – Enables platform independence– Adds reliability and robustness– Extensible architecture allows for future growth– Communicates information, not just data– Maintains performance with reliability– Security may help achieve regulatory compliance– Backwards compatible with “OPC Classic”– No more DCOM headaches
• OPC Unified Architecture & Collaboration– Enable enterprise interoperability– Better Information model integration
• Backed by an “open” Certification program
18
OPC Technology Summit:Save the date! October 2012
• Global summit to promote OPC education• October 16-18, 2012• Renaissance Orlando at SeaWorld, Florida, USA• Who should attend:
OPC End-users, Developers and Integrators• Agenda includes:
• OPC UA technology and value proposition• Supplier/developer presentations• End-user presentations (various markets)• Certification and compliance overview• Keynote: Control Systems Cyber Security expert
from Department of Homeland Security• Vendor exhibit area with table-top displays• Register now at www.opcfoundation.org/events
The End
Nathan PocockDirector, Certification & Compliance
OPC Foundation
The interoperability standard for industrial automation & related domains
Questions…