IEC TR 62541-2:2020

IEC TR 62541-2 ®
Edition 3.0 2020-11
TECHNICAL
REPORT
colour
inside
OPC unified architecture –
Part 2: Security Model
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.

IEC publications search - webstore.iec.ch/advsearchform Electropedia - www.electropedia.org
The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary

(IEV) online.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - std.iec.ch/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and Definitions clause of
IEC publications issued since 2002. Some entries have been
IEC Customer Service Centre - webstore.iec.ch/csc collected from earlier publications of IEC TC 37, 77, 86 and
If you wish to give us your feedback on this publication or CISPR.

need further assistance, please contact the Customer Service

Centre: sales@iec.ch.
IEC TR 62541-2 ®
Edition 3.0 2020-11
TECHNICAL
REPORT
colour
inside
OPC unified architecture –
Part 2: Security Model
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 25.040.40; 35.100.01 ISBN 978-2-8322-9077-4

– 2 – IEC TR 62541-2:2020 © IEC 2020
CONTENTS
FOREWORD . 5
1 Scope . 7
2 Normative references . 7
3 Terms, definitions, and abbreviated terms . 8
3.1 Terms and definitions . 8
3.2 Abbreviated terms . 13
4 OPC UA security architecture . 13
4.1 OPC UA security environment . 13
4.2 Security objectives . 14
4.2.1 Overview . 14
4.2.2 Authentication. 15
4.2.3 Authorization . 15
4.2.4 Confidentiality . 15
4.2.5 Integrity . 15
4.2.6 Non-Repudiation . 15
4.2.7 Auditability . 15
4.2.8 Availability . 15
4.3 Security threats to OPC UA systems . 15
4.3.1 Overview . 15
4.3.2 Denial of Service . 16
4.3.3 Eavesdropping . 17
4.3.4 Message spoofing . 17
4.3.5 Message alteration . 17
4.3.6 Message replay . 17
4.3.7 Malformed Messages . 18
4.3.8 Server profiling . 18
4.3.9 Session hijacking . 18
4.3.10 Rogue Server . 18
4.3.11 Rogue Publisher . 18
4.3.12 Compromising user credentials . 19
4.3.13 Repudiation . 19
4.4 OPC UA relationship to site security . 19
4.5 OPC UA security architecture . 20
4.5.1 Overview . 20
4.5.2 Client / Server . 21
4.5.3 Publish-Subscribe . 22
4.6 SecurityPolicies . 23
4.7 Security Profiles . 24
4.8 Security Mode Settings . 24
4.9 User Authentication . 24
4.10 Application Authentication . 24
4.11 User Authorization . 25
4.12 Roles . 25
4.13 OPC UA security related Services . 25
4.14 Auditing . 26
4.14.1 General . 26

4.14.2 Single Client and Server . 27
4.14.3 Aggregating Server . 28
4.14.4 Aggregation through a non-auditing Server . 28
4.14.5 Aggregating Server with service distribution . 29
5 Security reconciliation . 30
5.1 Reconciliation of threats with OPC UA security mechanisms . 30
5.1.1 Overview . 30
5.1.2 Denial of Service . 31
5.1.3 Eavesdropping . 32
5.1.4 Message spoofing . 32
5.1.5 Message alteration . 33
5.1.6 Message replay . 33
5.1.7 Malformed Messages . 33
5.1.8 Server profiling . 33
5.1.9 Session hijacking . 33
5.1.10 Rogue Server or Publisher . 34
5.1.11 Compromising user credentials . 34
5.1.12 Repudiation . 34
5.2 Reconciliation of objectives with OPC UA security mechanisms . 34
5.2.1 Overview . 34
5.2.2 Application Authentication . 34
5.2.3 User Authentication . 35
5.2.4 Authorization . 35
5.2.5 Confidentiality . 35
5.2.6 Integrity . 35
5.2.7 Auditability . 35
5.2.8 Availability . 36
6 Implementation and deployment considerations . 36
6.1 Overview. 36
6.2 Appropriate timeouts . 36
6.3 Strict Message processing . 36
6.4 Random number generation . 37
6.5 Special and reserved packets . 37
6.6 Rate limiting and flow control . 37
6.7 Administrative access . 37
6.8 Cryptographic Keys . 38
6.9 Alarm related guidance . 38
6.10 Program access . 38
6.11 Audit event management . 39
6.12 OAuth2, JWT and User roles . 39
6.13 HTTPs, SSL/TLS & Websockets . 39
6.14 Reverse Connect . 39
7 Unsecured Services . 40
7.1 Overview. 40
7.2 Multicast Discovery . 40
7.3 Global Discovery Server Security . 40
7.3.1 Overview . 40
7.3.2 Rogue GDS . 40
7.3.3 Threats against a GDS . 41

– 4 – IEC TR 62541-2:2020 © IEC 2020
...