EN IEC 62541-4 2020 OPC UA Services Standard for Industrial Automation

OPC Unified Architecture - Part 4: Services

IEC 62541-4:2020 is available as IEC 62541-4:2020 RLV which contains the International Standard and its Redline version, showing all changes of the technical content compared to the previous edition.IEC 62541-4:2020 defines the OPC Unified Architecture (OPC UA) Services. The Services defined are the collection of abstract Remote Procedure Calls (RPC) that are implemented by OPC UA Servers and called by OPC UA Clients. All interactions between OPC UA Clients and Servers occur via these Services. The defined Services are considered abstract because no particular RPC mechanism for implementation is defined in this document. IEC 62541-6 specifies one or more concrete mappings supported for implementation. For example, one mapping in IEC 62541-6 is to XML Web Services. In that case the Services described in this document appear as the Web service methods in the WSDL contract. Not all OPC UA Servers will need to implement all of the defined Services. IEC 62541-7 defines the Profiles that dictate which Services need to be implemented in order to be compliant with a particular Profile This third edition cancels and replaces the second edition published in 2015. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: a) Added ability to resend all data of monitored items in a Subscription using the ResendData Method. b) Added support for durable Subscriptions (lifetime of hours or days). c) Added Register2 and FindServersOnNetwork Services to support network-wide discovery using capability filters. d) Removed definition of software certificates. Will be defined in a future edition. e) Extended and partially revised the redundancy definition. Added sub-range definitions for ServiceLevel and added more terms for redundancy. f) Added a section on how to use Authorization Services to request user access tokens. g) Added JSON Web Tokens (JWTs) as a new user token. h) Added the concept of session-less service invocation. i) Added a generic structure that allows passing any number of attributes to the AddNodes Service. j) Added requirement to protect against user identity token attacks. k) Added new EncryptedSecret format for user identity tokens.

OPC Unified Architecture – Teil 4: Dienste

Architecture Unifiée OPC - Partie 4: Services

IEC 62541-4:2020 est disponible sous forme de IEC 62541-4:2020 RLV qui contient la Norme internationale et sa version Redline, illustrant les modifications du contenu technique depuis l'édition précédente.L'IEC 62541-4:2020 définit le modèle de communication Services de l'architecture unifiée OPC (OPC UA). Les Services définis sont le recueil d'appels de procédures abstraites distantes (RPC, Remote Procedure Call) qui sont mises en œuvre par les Serveurs OPC UA et qui sont appelées par les Clients OPC UA. Toutes les interactions entre Clients et Serveurs OPC UA ont lieu via ces Services. Les Services définis sont dits abstraits, car aucun mécanisme RPC particulier n'est spécifié dans le présent document pour leur mise en œuvre. L'IEC 62541-6 spécifie un ou plusieurs mécanismes concrets de mapping pour la mise en œuvre. Par exemple, dans l'IEC 62541-6, l'un des mécanismes de mapping repose sur l'utilisation des Services Web XML. Dans ce cas, les Services décrits dans le présent document apparaissent comme les méthodes de services Web dans le contrat WSDL. Il n'est pas nécessaire que l'ensemble des Serveurs OPC UA mettent en œuvre toutes les correspondances avec les messages et les protocoles de transport. L'IEC 62541-7 définit les Profils qui dictent les Services qu'il est nécessaire de mettre en œuvre afin d'être conforme à un Profil particulier. Cette troisième édition annule et remplace la deuxième édition parue en 2015. Cette édition constitue une révision technique. Cette édition inclut les modifications techniques majeures suivantes par rapport à l'édition précédente: a) ajout de la capacité à renvoyer toutes les données des éléments surveillés dans un abonnement à l'aide de la méthode ResendData; b) ajout de la prise en charge pour les abonnements durables (durée de vie en heures ou en jours); c) ajout des services Register2 et FindServersOnNetwork pour prendre en charge le mécanisme de découverte sur l'ensemble du réseau à l'aide de filtres de capacités; d) suppression de la définition des certificats de logiciel (seront définis dans une édition ultérieure); e) enrichissement et révision partielle de la définition de la redondance; ajout de définitions des sous plages pour ServiceLevel et ajout de termes supplémentaires pour la redondance; f) ajout d'un paragraphe expliquant comment utiliser les Services d'autorisation pour demander des jetons d'accès utilisateur; g) ajout des jetons JSON Web (JWT) comme nouveau jeton d'utilisateur; h) ajout du concept d'invocation de service sans session; i) ajout d'une structure générique permettant de transmettre n'importe quel nombre d'attributs dans le service AddNotes; j) ajout d'une exigence relative à la protection contre les attaques de jeton d'identité utilisateur; k) ajout du nouveau format EncryptedSecret pour les jetons d'identité utilisateur.

Enotna arhitektura OPC - 4. del: Storitve (IEC 62541-4:2020)

General Information

Status: Published
Publication Date: 17-Sep-2020

ICS: 25.040.40 - Industrial process measurement and control
: 35.100 - Open systems interconnection (OSI)
: 35.100.05 - Multilayer applications

Technical Committee: CLC/TC 65X - Industrial-process measurement, control and automation
Drafting Committee: IEC/SC 65E - IEC_SC_65E

Current Stage: 6060 - Document made available - Publishing
Start Date: 18-Sep-2020
Completion Date: 18-Sep-2020

Mandate: M/490 - Standardisation mandate to the European Standardisation Organisations (ESOs) to support European Smart Grid deployment

Ref Project: SIST EN IEC 62541-4:2020 - OPC Unified Architecture - Part 4: Services (IEC 62541-4:2020)

Relations

Replaces: EN 62541-4:2015 - OPC unified architecture - Part 4: Services
Effective Date: 22-Sep-2020

Revised: prEN IEC 62541-4:2024 - OPC unified architecture - Part 4: Services
Effective Date: 31-Jan-2023

Overview

EN IEC 62541-4:2020 - OPC Unified Architecture (OPC UA) Part 4: Services (IEC 62541-4:2020) defines the abstract Services (the RPC-style operations) used by OPC UA Clients and Servers. It specifies the request/response models, Service Sets (Discovery, SecureChannel, Session, NodeManagement, View, Query, Attribute, Method, MonitoredItem, Subscription, etc.) and the behaviours required for secure, auditable, and interoperable communication in industrial automation systems. The document is abstract with no binding RPC mapping - concrete mappings (for example to XML Web Services) are defined in IEC 62541-6; Profiles are in IEC 62541-7.

Key technical topics and requirements

Service Set model: formal structure for Service requests, responses and result codes across OPC UA.
Discovery services: FindServers, GetEndpoints, FindServersOnNetwork, RegisterServer/ RegisterServer2 for network-wide discovery and capability filters.
SecureChannel and Session: secure transport establishment, session creation, activation and closure; includes session-less invocation.
MonitoredItem & Subscription: models for data monitoring, publish/subscribe, durable subscriptions (long lifetimes), and ResendData/Republish semantics.
NodeManagement, View, Query, Attribute, Method: creation/modification of nodes, browsing, querying views, read/write/history, and remote method invocation.
Security & identity:
- Authorization patterns and use of Authorization Services to request user access tokens.
- New user token types including JSON Web Tokens (JWTs) and new EncryptedSecret format for user identity tokens.
- Requirements to protect against user identity token attacks.
- Removal of software certificate definition (to be addressed in a future edition).
Redundancy & Auditing: extended redundancy concepts (service-level sub-ranges, more redundancy terms) and explicit auditing requirements.
Extensibility: generic AddNodes attributes structure allowing passing many attributes; session-less service invocation support.

Practical applications and who uses this standard

OPC UA Server and Client implementers (device and edge vendors) for interoperable service implementations.
Systems integrators and SCADA/IIoT architects building secure data exchange, monitoring and control systems.
Cybersecurity engineers implementing secure authentication, JWT integration and token protection.
Test labs and certification bodies verifying compliance with OPC UA Service requirements and Profiles.
Industrial automation and process control sectors (SCADA, DCS, PLCs, historians) requiring standardized remote procedure interactions.

Related standards

IEC 62541-1 / TR 62541-1: overview and concepts
IEC 62541-2: security model
IEC 62541-3: address space model
IEC 62541-5: information model
IEC 62541-6: mappings (concrete protocol bindings)
IEC 62541-7: profiles (required Services per profile)

Keywords: OPC UA, OPC Unified Architecture, IEC 62541-4:2020, Services, SecureChannel, Session, Subscription, MonitoredItem, JWT, EncryptedSecret, FindServersOnNetwork, ResendData, durable subscriptions.

EN IEC 62541-4:2020 - BARVE - Page 3 preview

EN IEC 62541-4:2020 - BARVE - Page 1 preview

EN IEC 62541-4:2020 - BARVE - Page 2 preview

Standard

EN IEC 62541-4:2020 - BARVE

English language

232 pages

Preview

e-Library read for

AI-Chat

1 day

Create e-Library subscription and get permanent access to the document. Subscriptions are available for: 25 25.040 25.040.40 35 35.100 35.100.05

Frequently Asked Questions

What is EN IEC 62541-4:2020?

EN IEC 62541-4:2020 is a standard published by CLC. Its full title is "OPC Unified Architecture - Part 4: Services". This standard covers: IEC 62541-4:2020 is available as IEC 62541-4:2020 RLV which contains the International Standard and its Redline version, showing all changes of the technical content compared to the previous edition.IEC 62541-4:2020 defines the OPC Unified Architecture (OPC UA) Services. The Services defined are the collection of abstract Remote Procedure Calls (RPC) that are implemented by OPC UA Servers and called by OPC UA Clients. All interactions between OPC UA Clients and Servers occur via these Services. The defined Services are considered abstract because no particular RPC mechanism for implementation is defined in this document. IEC 62541-6 specifies one or more concrete mappings supported for implementation. For example, one mapping in IEC 62541-6 is to XML Web Services. In that case the Services described in this document appear as the Web service methods in the WSDL contract. Not all OPC UA Servers will need to implement all of the defined Services. IEC 62541-7 defines the Profiles that dictate which Services need to be implemented in order to be compliant with a particular Profile This third edition cancels and replaces the second edition published in 2015. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: a) Added ability to resend all data of monitored items in a Subscription using the ResendData Method. b) Added support for durable Subscriptions (lifetime of hours or days). c) Added Register2 and FindServersOnNetwork Services to support network-wide discovery using capability filters. d) Removed definition of software certificates. Will be defined in a future edition. e) Extended and partially revised the redundancy definition. Added sub-range definitions for ServiceLevel and added more terms for redundancy. f) Added a section on how to use Authorization Services to request user access tokens. g) Added JSON Web Tokens (JWTs) as a new user token. h) Added the concept of session-less service invocation. i) Added a generic structure that allows passing any number of attributes to the AddNodes Service. j) Added requirement to protect against user identity token attacks. k) Added new EncryptedSecret format for user identity tokens.

What is the scope of EN IEC 62541-4:2020?

What ICS categories does EN IEC 62541-4:2020 belong to?

EN IEC 62541-4:2020 is classified under the following ICS (International Classification for Standards) categories: 25.040.40 - Industrial process measurement and control; 35.100 - Open systems interconnection (OSI); 35.100.05 - Multilayer applications. The ICS classification helps identify the subject area and facilitates finding related standards.

What standards are related to EN IEC 62541-4:2020?

EN IEC 62541-4:2020 has the following relationships with other standards: It is inter standard links to EN 62541-4:2015, prEN IEC 62541-4:2024. Understanding these relationships helps ensure you are using the most current and applicable version of the standard.

Is EN IEC 62541-4:2020 a harmonized European standard?

EN IEC 62541-4:2020 is associated with the following European legislation: Standardization Mandates: M/490. When a standard is cited in the Official Journal of the European Union, products manufactured in conformity with it benefit from a presumption of conformity with the essential requirements of the corresponding EU directive or regulation.

How can I purchase EN IEC 62541-4:2020?

You can purchase EN IEC 62541-4:2020 directly from iTeh Standards. The document is available in PDF format and is delivered instantly after payment. Add the standard to your cart and complete the secure checkout process. iTeh Standards is an authorized distributor of CLC standards.

Standards Content (Sample)

EN IEC 62541-4:2020 - BARVE

SLOVENSKI STANDARD
01-december-2020
Nadomešča:
SIST EN 62541-4:2015
Enotna arhitektura OPC - 4. del: Storitve (IEC 62541-4:2020)
OPC Unified Architecture - Part 4: Services (IEC 62541-4:2020)
OPC Unified Architecture - Teil 4: Dienste (IEC 62541-4:2020)
Architecture Unifiée OPC - Partie 4: Services (IEC 62541-4:2020)
Ta slovenski standard je istoveten z: EN IEC 62541-4:2020
ICS:
25.040.40 Merjenje in krmiljenje Industrial process
industrijskih postopkov measurement and control
35.240.50 Uporabniške rešitve IT v IT applications in industry
industriji
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN STANDARD EN IEC 62541-4

NORME EUROPÉENNE
EUROPÄISCHE NORM
September 2020
ICS 35.100.05; 25.040.40 Supersedes EN 62541-4:2015 and all of its amendments
and corrigenda (if any)
English Version
OPC Unified Architecture - Part 4: Services
(IEC 62541-4:2020)
Architecture Unifiée OPC - Partie 4: Services OPC Unified Architecture - Teil 4: Dienste
(IEC 62541-4:2020) (IEC 62541-4:2020)
This European Standard was approved by CENELEC on 2020-08-17. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.

European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2020 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Ref. No. EN IEC 62541-4:2020 E

European foreword
The text of document 65E/716/FDIS, future edition 3 of IEC 62541-4, prepared by SC 65E "Devices
and integration in enterprise systems" of IEC/TC 65 "Industrial-process measurement, control and
automation" was submitted to the IEC-CENELEC parallel vote and approved by CENELEC as
The following dates are fixed:
• latest date by which the document has to be implemented at national (dop) 2021-05-17
level by publication of an identical national standard or by endorsement
• latest date by which the national standards conflicting with the (dow) 2023-08-17
document have to be withdrawn
This document supersedes EN 62541-4:2015 and all of its amendments and corrigenda (if any).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.
This document has been prepared under a mandate given to CENELEC by the European Commission
and the European Free Trade Association.
Endorsement notice
The text of the International Standard IEC 62541-4:2020 was approved by CENELEC as a European
Standard without any modification.

Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.
NOTE 1 Where an International Publication has been modified by common modifications, indicated by (mod),
the relevant EN/HD applies.
NOTE 2 Up-to-date information on the latest versions of the European Standards listed in this annex is available
here: www.cenelec.eu.
Publication Year Title EN/HD Year
IEC/TR 62541-1 - OPC unified architecture - Part 1: CLC/TR 62541-1 -
Overview and concepts
IEC/TR 62541-2 - OPC unified architecture - Part 2: CLC/TR 62541-2 -
Security model
IEC 62541-3 - OPC Unified Architecture - Part 3: EN IEC 62541-3 -
Address Space Model
IEC 62541-5 - OPC Unified Architecture - Part 5: EN IEC 62541-5 -
Information Model
IEC 62541-6 - OPC Unified Architecture - Part 6: EN IEC 62541-6 -
Mappings
IEC 62541-7 - OPC unified architecture - Part 7: EN IEC 62541-7 -
Profiles
IEC 62541-8 - OPC Unified Architecture - Part 8: EN IEC 62541-8 -
Data Access
IEC 62541-11 - OPC Unified Architecture - Part 11: EN IEC 62541-11 -
Historical Access
IEC 62541-12 - OPC unified architecture - Part 12: EN IEC 62541-12 -
Discovery and global services
IEC 62541-13 - OPC Unified Architecture - Part 13: EN IEC 62541-13 -
Aggregates
IEC 62541-4 ®
Edition 3.0 2020-07
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
OPC unified architecture –
Part 4: Services
Architecture unifiée OPC –
Partie 4: Services
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 25.040.40; 35.100.05 ISBN 978-2-8322-8589-3

– 2 – IEC 62541-4:2020 © IEC 2020
CONTENTS
FOREWORD . 13
1 Scope . 15
2 Normative references . 15
3 Terms, definitions, abbreviated terms and conventions . 16
3.1 Terms and definitions . 16
3.2 Abbreviated terms . 17
3.3 Conventions for Service definitions . 17
4 Overview . 19
4.1 Service Set model . 19
4.2 Request/response Service procedures . 22
5 Service Sets . 22
5.1 General . 22
5.2 Service request and response header . 23
5.3 Service results . 23
5.4 Discovery Service Set . 24
5.4.1 Overview . 24
5.4.2 FindServers . 26
5.4.3 FindServersOnNetwork . 27
5.4.4 GetEndpoints . 29
5.4.5 RegisterServer . 31
5.4.6 RegisterServer2 . 34
5.5 SecureChannel Service Set . 35
5.5.1 Overview . 35
5.5.2 OpenSecureChannel. 36
5.5.3 CloseSecureChannel . 40
5.6 Session Service Set . 41
5.6.1 Overview . 41
5.6.2 CreateSession . 41
5.6.3 ActivateSession . 46
5.6.4 CloseSession . 49
5.6.5 Cancel . 50
5.7 NodeManagement Service Set . 50
5.7.1 Overview . 50
5.7.2 AddNodes . 50
5.7.3 AddReferences . 52
5.7.4 DeleteNodes . 54
5.7.5 DeleteReferences . 56
5.8 View Service Set . 57
5.8.1 Overview . 57
5.8.2 Browse . 57
5.8.3 BrowseNext . 60
5.8.4 TranslateBrowsePathsToNodeIds . 62
5.8.5 RegisterNodes . 64
5.8.6 UnregisterNodes . 65
5.9 Query Service Set . 66
5.9.1 Overview . 66

IEC 62541-4:2020 © IEC 2020 – 3 –
5.9.2 Querying Views . 66
5.9.3 QueryFirst . 67
5.9.4 QueryNext . 70
5.10 Attribute Service Set . 71
5.10.1 Overview . 71
5.10.2 Read . 72
5.10.3 HistoryRead . 73
5.10.4 Write. 76
5.10.5 HistoryUpdate . 79
5.11 Method Service Set . 81
5.11.1 Overview . 81
5.11.2 Call . 81
5.12 MonitoredItem Service Set . 84
5.12.1 MonitoredItem model . 84
5.12.2 CreateMonitoredItems . 89
5.12.3 ModifyMonitoredItems . 92
5.12.4 SetMonitoringMode . 94
5.12.5 SetTriggering . 95
5.12.6 DeleteMonitoredItems . 97
5.13 Subscription Service Set . 98
5.13.1 Subscription model . 98
5.13.2 CreateSubscription . 107
5.13.3 ModifySubscription . 108
5.13.4 SetPublishingMode . 110
5.13.5 Publish . 111
5.13.6 Republish . 113
5.13.7 TransferSubscriptions . 114
5.13.8 DeleteSubscriptions . 116
6 Service behaviours . 117
6.1 Security . 117
6.1.1 Overview . 117
6.1.2 Obtaining and installing an Application Instance Certificate . 117
6.1.3 Determining if a Certificate is trusted . 118
6.1.4 Creating a SecureChannel . 121
6.1.5 Creating a Session . 123
6.1.6 Impersonating a User . 124
6.2 Authorization Services . 124
6.2.1 Overview . 124
6.2.2 Indirect handshake with an Identity Provider . 124
6.2.3 Direct handshake with an Identity Provider . 125
6.3 Session-less Service invocation . 126
6.3.1 Description . 126
6.3.2 Parameters . 127
6.3.3 Service results . 128
6.4 Software Certificates . 128
6.5 Auditing . 128
6.5.1 Overview . 128
6.5.2 General audit logs . 128
6.5.3 General audit Events . 129

– 4 – IEC 62541-4:2020 © IEC 2020
6.5.4 Auditing for Discovery Service Set . 129
6.5.5 Auditing for SecureChannel Service Set . 129
6.5.6 Auditing for Session Service Set . 129
6.5.7 Auditing for NodeManagement Service Set . 130
6.5.8 Auditing for Attribute Service Set . 130
6.5.9 Auditing for Method Service Set . 131
6.5.10 Auditing for View, Query, MonitoredItem and Subscription Service Set . 131
6.6 Redundancy . 131
6.6.1 Redundancy overview . 131
6.6.2 Server Redundancy . 132
6.6.3 Client Redundancy . 143
6.6.4 Network Redundancy . 143
6.6.5 Manually forcing Failover . 145
6.7 Re-establishing connections . 145
6.8 Durable Subscriptions . 147
7 Common parameter type definitions . 148
7.1 ApplicationDescription . 148
7.2 ApplicationInstanceCertificate . 149
7.3 BrowseResult . 150
7.4 ContentFilter . 151
7.4.1 ContentFilter structure . 151
7.4.2 ContentFilterResult . 151
7.4.3 FilterOperator . 152
7.4.4 FilterOperand parameters . 159
7.5 Counter . 161
7.6 ContinuationPoint . 161
7.7 DataValue . 162
7.7.1 General . 162
7.7.2 PicoSeconds. 162
7.7.3 SourceTimestamp . 162
7.7.4 ServerTimestamp . 163
7.7.5 StatusCode assigned to a value. 163
7.8 DiagnosticInfo . 164
7.9 DiscoveryConfiguration parameters . 165
7.9.1 Overview . 165
7.9.2 MdnsDiscoveryConfiguration . 166
7.10 EndpointDescription . 166
7.11 ExpandedNodeId . 167
7.12 ExtensibleParameter . 167
7.13 Index . 167
7.14 IntegerId . 167
7.15 MessageSecurityMode . 168
7.16 MonitoringParameters . 168
7.17 MonitoringFilter parameters . 169
7.17.1 Overview . 169
7.17.2 DataChangeFilter . 170
7.17.3 EventFilter . 171
7.17.4 AggregateFilter . 173
7.18 MonitoringMode . 174

IEC 62541-4:2020 © IEC 2020 – 5 –
7.19 NodeAttributes parameters . 175
7.19.1 Overview . 175
7.19.2 ObjectAttributes parameter . 176
7.19.3 VariableAttributes parameter . 176
7.19.4 MethodAttributes parameter . 177
7.19.5 ObjectTypeAttributes parameter . 177
7.19.6 VariableTypeAttributes parameter . 178
7.19.7 ReferenceTypeAttributes parameter . 178
7.19.8 DataTypeAttributes parameter . 179
7.19.9 ViewAttributes parameter . 179
7.19.10 GenericAttributes parameter . 180
7.20 NotificationData parameters . 180
7.20.1 Overview . 180
7.20.2 DataChangeNotification parameter . 181
7.20.3 EventNotificationList parameter . 181
7.20.4 StatusChangeNotification parameter . 182
7.21 NotificationMessage . 182
7.22 NumericRange . 182
7.23 QueryDataSet . 183
7.24 ReadValueId . 184
7.25 ReferenceDescription. 185
7.26 RelativePath . 186
7.27 RegisteredServer . 187
7.28 RequestHeader . 187
7.29 ResponseHeader . 189
7.30 ServiceFault . 189
7.31 SessionAuthenticationToken . 190
7.32 SignatureData . 191
7.33 SignedSoftwareCertificate . 191
7.34 StatusCode . 192
7.34.1 General . 192
7.34.2 Common StatusCodes . 194
7.35 TimestampsToReturn . 198
7.36 UserIdentityToken parameters . 198
7.36.1 Overview . 198
7.36.2 Token Encryption and Proof of Possession . 199
7.36.3 AnonymousIdentityToken . 203
7.36.4 UserNameIdentityToken . 203
7.36.5 X509IdentityTokens . 205
7.36.6 IssuedIdentityToken. 205
7.37 UserTokenPolicy . 206
7.38 VersionTime. 207
7.39 ViewDescription . 207
Annex A (informative) BNF definitions . 208
A.1 Overview over BNF . 208
A.2 BNF of RelativePath . 208
A.3 BNF of NumericRange . 209
Annex B (informative) ContentFilter and Query examples . 210
B.1 Simple ContentFilter examples . 210

– 6 – IEC 62541-4:2020 © IEC 2020
B.1.1 Overview . 210
B.1.2 Example 1 . 210
B.1.3 Example 2 . 211
B.2 Complex examples of Query filters . 212
B.2.1 Overview . 212
B.2.2 Used type model . 212
B.2.3 Example Notes . 215
B.2.4 Example 1 . 216
B.2.5 Example 2 . 217
B.2.6 Example 3 . 218
B.2.7 Example 4 . 221
B.2.8 Example 5 . 222
B.2.9 Example 6 . 223
B.2.10 Example 7 . 225
B.2.11 Example 8 . 227
B.2.12 Example 9 . 228

Figure 1 – Discovery Service Set . 19
Figure 2 – SecureChannel Service Set. 19
Figure 3 – Session Service Set . 20
Figure 4 – NodeManagement Service Set . 20
Figure 5 – View Service Set . 20
Figure 6 – Attribute Service Set . 21
Figure 7 – Method Service Set . 21
Figure 8 – MonitoredItem and Subscription Service Sets . 22
Figure 9 – Discovery process . 25
Figure 10 – Using a Gateway Server . 30
Figure 11 – The registration process – Manually launched servers . 32
Figure 12 – The registration process – Automatically launched servers . 32
Figure 13 – SecureChannel and Session Services . 36
Figure 14 – Multiplexing users on a Session . 43
Figure 15 – MonitoredItem model . 84
Figure 16 – Typical delay in change detection . 86
Figure 17 – Queue overflow handling . 87
Figure 18 – Triggering model . 88
Figure 19 – Obtaining and installing an Application Instance Certificate . 118
Figure 20 – Determining if an Application Instance Certificate is trusted . 121
Figure 21 – Establishing a SecureChannel . 122
Figure 22 – Establishing a Session . 123
Figure 23 – Impersonating a User . 124
Figure 24 – Indirect handshake with an Identity Provider . 125
Figure 25 – Direct handshake with an Identity Provider . 126
Figure 26 – Transparent Redundancy setup example . 133
Figure 27 – Non-Transparent Redundancy setup . 134
Figure 28 – Client Start-up steps . 138

IEC 62541-4:2020 © IEC 2020 – 7 –
Figure 29 – Cold Failover . 139
Figure 30 – Warm Failover . 140
Figure 31 – Hot Failover . 141
Figure 32 – HotAndMirrored Failover . 142
Figure 33 – Server proxy for Redundancy . 143
Figure 34 – Transparent network Redundancy . 144
Figure 35 – Non-transparent network Redundancy . 145
Figure 36 – Reconnect sequence . 146
Figure 37 – Logical layers of a Server . 190
Figure 38 – Obtaining a SessionAuthenticationToken . 191
Figure 39 – EncryptedSecret layout . 200
Figure B.1 – Filter logic tree example . 210
Figure B.2 – Filter logic tree example . 211
Figure B.3 – Example Type Nodes . 214
Figure B.4 – Example Instance Nodes . 215
Figure B.5 – Example 1 Filter . 216
Figure B.6 – Example 2 Filter logic tree . 218
Figure B.7 – Example 3 Filter logic tree . 219
Figure B.8 – Example 4 Filter logic tree . 221
Figure B.9 – Example 5 Filter logic tree . 222
Figure B.10 – Example 6 Filter logic tree . 224
Figure B.11 – Example 7 Filter logic tree . 226
Figure B.12 – Example 8 Filter logic tree . 227
Figure B.13 – Example 9 Filter logic tree . 228

Table 1 – Service definition table . 18
Table 2 – Parameter Types defined in IEC 62541-3 . 18
Table 3 – FindServers Service parameters . 27
Table 4 – FindServersOnNetwork Service parameters . 28
Table 5 – GetEndpoints Service parameters . 31
Table 6 – RegisterServer Service parameters . 33
Table 7 – RegisterServer Service result codes . 33
Table 8 – RegisterServer2 . 34
Table 9 – RegisterServer2 Service result codes . 35
Table 10 – RegisterServer2 Operation Level result codes . 35
Table 11 – OpenSecureChannel Service parameters . 38
Table 12 – OpenSecureChannel Service result codes . 40
Table 13 – CloseSecureChannel Service parameters . 41
Table 14 – CloseSecureChannel Service result codes . 41
Table 15 – CreateSession Service parameters . 44
Table 16 – CreateSession Service result codes . 46
Table 17 – ActivateSession Service parameters . 48
Table 18 – ActivateSession Service result codes . 49

– 8 – IEC 62541-4:2020 © IEC 2020
Table 19 – CloseSession Service parameters . 49
Table 20 – CloseSession Service result codes . 50
Table 21 – Cancel Service parameters. 50
Table 22 – AddNodes Service parameters . 51
Table 23 – AddNodes Service result codes . 52
Table 24 – AddNodes Operation Level result codes . 52
Table 25 – AddReferences Service parameters . 53
Table 26 – AddReferences Service result codes . 53
Table 27 – AddReferences Operation Level result codes . 54
Table 28 – DeleteNodes Service parameters . 55
Table 29 – DeleteNodes Service result codes . 55
Table 30 – DeleteNodes Operation Level result codes . 56
Table 31 – DeleteReferences Service parameters . 56
Table 32 – DeleteReferences Service result codes . 57
Table 33 – DeleteReferences Operation Level result codes . 57
Table 34 – Browse Service parameters . 58
Table 35 – Browse Service result codes . 59
Table 36 – Browse Operation Level result codes . 60
Table 37 – BrowseNext Service parameters . 61
Table 38 – BrowseNext Service result codes . 61
Table 39 – BrowseNext Operation Level result codes . 62
Table 40 – TranslateBrowsePathsToNodeIds Service parameters . 63
Table 41 – TranslateBrowsePathsToNodeIds Service result codes . 63
Table 42 – TranslateBrowsePathsToNodeIds Operation Level result codes . 64
Table 43 – RegisterNodes Service parameters . 65
Table 44 – RegisterNodes Service result codes . 65
Table 45 – UnregisterNodes Service parameters . 66
Table 46 – UnregisterNodes Service result codes . 66
Table 47 – QueryFirst Request parameters . 68
Table 48 – QueryFirst Response parameters . 69
Table 49 – QueryFirst Service result codes . 70
Table 50 – QueryFirst Operation Level result codes . 70
Table 51 – QueryNe
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

Loading comments...

The article discusses the EN IEC 62541-4:2020 standard, which defines the Services of the OPC Unified Architecture (OPC UA). These Services are abstract Remote Procedure Calls (RPC) implemented by OPC UA Servers and used by OPC UA Clients to interact with them. The standard does not specify a particular RPC mechanism for implementation, but provides mappings, such as XML Web Services, for concrete implementation. Not all OPC UA Servers need to implement all the defined Services. The article highlights some of the technical changes in the third edition of the standard, such as the ability to resend data in a Subscription, support for durable Subscriptions, network-wide discovery services, and the removal of software certificate definitions for a future edition. It also mentions new features like using Authorization Services for user access tokens, JSON Web Tokens (JWTs) as user tokens, session-less service invocation, and an extended structure for the AddNodes Service. The article further emphasizes the need for protection against user identity token attacks and introduces a new EncryptedSecret format for user identity tokens.

이 기사에서는 EN IEC 62541-4:2020 표준에 대해 다루고 있습니다. 이 표준은 OPC Unified Architecture (OPC UA) 서비스를 정의합니다. 이러한 서비스는 OPC UA 서버에서 구현되는 추상적인 원격 프로시저 호출(RPC)의 모음이며, OPC UA 클라이언트에서 호출됩니다. OPC UA 클라이언트와 서버 간의 모든 상호작용은 이러한 서비스를 통해 이루어집니다. 이 문서에서는 구체적인 RPC 매커니즘을 정의하지 않았으며, 구현을 위해 지원되는 하나 이상의 구체적인 매핑을 IEC 62541-6에서 명시합니다. 예를 들어, IEC 62541-6에는 XML 웹 서비스를 위한 매핑이 포함되어 있습니다. 이 경우 이 문서에서 설명된 서비스는 WSDL 계약에 나타나는 웹 서비스 메소드로 나타납니다. 모든 OPC UA 서버가 정의된 서비스를 구현할 필요는 없습니다. IEC 62541-7에서는 특정 프로파일과 일치하기 위해 구현해야 하는 서비스를 규정합니다. 이 세 번째 판은 2015년에 출판된 두 번째 판을 철회하고 대체하는 것입니다. 이 버전은 기술적인 개정을 포함하고 있으며, 이전 판에 비해 다음과 같은 중요한 기술적인 변경 사항이 포함되어 있습니다. a) ResendData 메소드를 사용하여 구독의 모든 데이터를 재전송할 수 있는 기능을 추가하였습니다. b) 수명이 시간(시간 단위) 또는 일(일 단위)인 내구성 있는 구독을 지원하도록 지원하도록 추가하였습니다. c) 기능 필터를 사용하여 네트워크 전체의 발견을 지원하기 위해 Register2 및 FindServersOnNetwork 서비스를 추가하였습니다. d) 소프트웨어 인증서의 정의를 제거하였으며, 향후 버전에서 정의할 것입니다. e) 능가 정의를 확장 및 부분적으로 수정하였습니다. ServiceLevel의 하위 범위 정의를 추가하고, 장애 내구도에 대한 추가 용어를 추가하였습니다. f) 사용자 액세스 토큰을 요청하기 위해 권한 부여 서비스를 사용하는 방법에 관한 섹션을 추가하였습니다. g) 새로운 사용자 토큰으로 JSON 웹 토큰 (JWT)을 추가하였습니다. h) 세션 없는 서비스 호출 개념을 추가하였습니다. i) 어느 속성을 AddNodes 서비스로 전달할 수 있는 범용 구조를 추가하였습니다. j) 사용자 식별 토큰 공격에 대한 보호 요구 사항을 추가하였습니다. k) 사용자 식별 토큰을 위한 새로운 EncryptedSecret 형식을 추가하였습니다.

この記事では、EN IEC 62541-4:2020規格について説明されています。この規格はOPC Unified Architecture（OPC UA）のサービスを定義しています。これらのサービスは、OPC UAサーバーによって実装され、OPC UAクライアントによって呼び出される抽象的なリモートプロシージャコール（RPC）の集まりです。OPC UAクライアントとサーバーのすべての相互作用は、これらのサービスを介して行われます。この文書では、特定のRPCメカニズムの実装方法は定義されておらず、IEC 62541-6では実装をサポートする1つ以上の具体的なマッピングが定義されています。たとえば、IEC 62541-6ではXML Webサービス向けのマッピングが提供されています。その場合、この文書で説明されるサービスは、WSDLコントラクトのWebサービスメソッドとして表示されます。すべてのOPC UAサーバーが定義されたサービスを実装する必要はありません。IEC 62541-7では、特定のプロファイルに準拠するために実装する必要があるサービスを規定しています。この第3版は、2015年に発行された第2版を取り消し、置き換えるものです。この版では、以下の主な技術的変更が前版と比較して含まれています：a) サブスクリプションの監視アイテムのすべてのデータを再送するためのResendDataメソッドの機能を追加しました。b) 時間または日数の寿命を持つ耐久性のあるサブスクリプションをサポートすることを追加しました。c) 能力フィルターを使用してネットワーク全体の検出をサポートするために、Register2およびFindServersOnNetworkサービスを追加しました。d) ソフトウェア証明書の定義を削除し、将来の版で定義する予定です。e) 冗長性の定義を拡張および一部修正しました。ServiceLevelのサブレンジ定義を追加し、冗長性に関連する用語を追加しました。f) ユーザーアクセストークンを要求するための承認サービスの使用方法についてのセクションを追加しました。g) 新しいユーザートークンとしてJSON Webトークン（JWT）を追加しました。h) セッションレスなサービス呼び出しの概念を追加しました。i) AddNodesサービスに任意の数の属性を渡すための汎用構造を追加しました。j) ユーザーアイデンティティトークンの攻撃から保護する要件を追加しました。k) ユーザーアイデンティティトークン用の新しいEncryptedSecret形式を追加しました。