SIST EN IEC 62541-6:2020
(Main)OPC Unified Architecture - Part 6: Mappings (IEC 62541-6:2020)
OPC Unified Architecture - Part 6: Mappings (IEC 62541-6:2020)
This part of IEC 62541 specifies the OPC Unified Architecture (OPC UA) mapping between
the security model described in IEC TR 62541‑2, the abstract service definitions specified in
IEC 62541‑4, the data structures defined in IEC 62541‑5 and the physical network protocols
that can be used to implement the OPC UA specification.
OPC Unified Architecture - Teil 6: Protokollabbildungen (IEC 62541-6:2020)
Architecture unifiée OPC - Partie 6: Correspondances (IEC 62541-6:2020)
IEC 62541-6:2020 est disponible sous forme de IEC 62541-6:2020 RLV qui contient la Norme internationale et sa version Redline, illustrant les modifications du contenu technique depuis l'édition précédente.
a) codages:
• ajout du codage JSON pour PubSub (irréversible);
• ajout du codage JSON pour le Client/Serveur (réversible);
• ajout de la prise en charge des champs facultatifs dans les structures;
• ajout de la prise en charge des Unions;
b) mappings de transport:
• ajout de la connexion sécurisée WebSocket (WSS);
• ajout de la prise en charge de la connectivité inversée;
• ajout de la prise en charge de l'invocation de service sans session dans HTTPS;
c) transport déconseillé (absence de prise en charge sur la plupart des plateformes):
• SOAP/HTTP avec WS-SecureConversation (tous les codages);
d) ajout du mapping pour JSON Web Token;
e) ajout de la prise en charge des Unions pour le Schéma de NodeSet;
f) ajout d'opérations par lots permettant d'ajouter/de supprimer des nœuds au niveau du Schéma de NodeSet;
g) ajout de la prise en charge des matrices multidimensionnelles à l'extérieur des Variantes;
h) ajout d'une représentation binaire pour les types de données Décimaux;
i) ajout du mapping pour le Cadre d'autorisation OAuth2.
Enotna arhitektura OPC - 6. del: Preslikave (IEC 62541-6:2020)
General Information
Relations
Standards Content (Sample)
SLOVENSKI STANDARD
SIST EN IEC 62541-6:2020
01-december-2020
Nadomešča:
SIST EN 62541-6:2015
Enotna arhitektura OPC - 6. del: Preslikave (IEC 62541-6:2020)
OPC Unified Architecture - Part 6: Mappings (IEC 62541-6:2020)
OPC Unified Architecture - Teil 6: Protokollabbildungen (IEC 62541-6:2020)
Architecture unifiée OPC - Partie 6: Correspondances (IEC 62541-6:2020)
Ta slovenski standard je istoveten z: EN IEC 62541-6:2020
ICS:
25.040.40 Merjenje in krmiljenje Industrial process
industrijskih postopkov measurement and control
35.240.50 Uporabniške rešitve IT v IT applications in industry
industriji
SIST EN IEC 62541-6:2020 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
---------------------- Page: 1 ----------------------
SIST EN IEC 62541-6:2020
---------------------- Page: 2 ----------------------
SIST EN IEC 62541-6:2020
EUROPEAN STANDARD EN IEC 62541-6
NORME EUROPÉENNE
EUROPÄISCHE NORM
September 2020
ICS 35.100.05; 25.040.40 Supersedes EN 62541-6:2015 and all of its amendments
and corrigenda (if any)
English Version
OPC Unified Architecture - Part 6: Mappings
(IEC 62541-6:2020)
Architecture unifiée OPC - Partie 6: Mappings OPC Unified Architecture - Teil 6: Protokollabbildungen
(IEC 62541-6:2020) (IEC 62541-6:2020)
This European Standard was approved by CENELEC on 2020-08-17. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2020 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Ref. No. EN IEC 62541-6:2020 E
---------------------- Page: 3 ----------------------
SIST EN IEC 62541-6:2020
EN IEC 62541-6:2020 (E)
European foreword
The text of document 65E/718/FDIS, future edition 3 of IEC 62541-6, prepared by SC 65E "Devices
and integration in enterprise systems" of IEC/TC 65 "Industrial-process measurement, control and
automation" was submitted to the IEC-CENELEC parallel vote and approved by CENELEC as
EN IEC 62541-6:2020.
The following dates are fixed:
• latest date by which the document has to be implemented at national (dop) 2021-05-17
level by publication of an identical national standard or by endorsement
• latest date by which the national standards conflicting with the (dow) 2023-08-17
document have to be withdrawn
This document supersedes EN 62541-6:2015 and all of its amendments and corrigenda (if any).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.
This document has been prepared under a mandate given to CENELEC by the European
Commission and the European Free Trade Association.
Endorsement notice
The text of the International Standard IEC 62541-6:2020 was approved by CENELEC as a European
Standard without any modification.
2
---------------------- Page: 4 ----------------------
SIST EN IEC 62541-6:2020
EN IEC 62541-6:2020 (E)
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.
NOTE 1 Where an International Publication has been modified by common modifications, indicated by (mod),
the relevant EN/HD applies.
NOTE 2 Up-to-date information on the latest versions of the European Standards listed in this annex is available
here: www.cenelec.eu.
Publication Year Title EN/HD Year
IEC/TR 62541-1 - OPC unified architecture - Part 1: Overview CLC/TR 62541-1 -
and concepts
IEC/TR 62541-2 - OPC unified architecture - Part 2: Security CLC/TR 62541-2 -
model
IEC 62541-3 - OPC Unified Architecture - Part 3: Address - -
Space Model
IEC 62541-4 - OPC Unified Architecture - Part 4: Services - -
IEC 62541-5 - OPC Unified Architecture - Part 5: - -
Information Model
IEC 62541-7 - OPC unified architecture - Part 7: Profiles EN IEC 62541-7 -
IEC 62541-12 - OPC unified architecture - Part 12: EN IEC 62541-12 -
Discovery and global services
ISO 8601-1 2019 Date and time - Representations for - -
information interchange – Part 1: Basic rules
XML Schema Part 2 - XML Schema Part 2: Datatypes - -
http://www.w3.org/TR/xmlschema‑2/
SOAP Part 1 - SOAP Version 1.2 Part 1: Messaging - -
Framework
http://www.w3.org/TR/soap12-part1/
SSL/TLS: RFC 5246 - The TLS Protocol Version 1.2 - -
http://tools.ietf.org/html/rfc5246.txt
X.509 v3: ISO/IEC - Information technology – Open Systems - -
9594-8 Interconnection – The Directory: Public-key
and attribute certificate frameworks
HTTP: RFC 2616 - Hypertext Transfer Protocol – HTTP/1.1 - -
http://www.ietf.org/rfc/rfc2616.txt
3
---------------------- Page: 5 ----------------------
SIST EN IEC 62541-6:2020
EN IEC 62541-6:2020 (E)
Publication Year Title EN/HD Year
HTTPS: RFC 2818 - HTTP Over TLS - -
http://www.ietf.org/rfc/rfc2818.txt
Base64: RFC 3548 - The Base16, Base32, and Base64 Data - -
Encodings http://www.ietf.org/rfc/rfc3548.txt
X690: ISO/IEC 8825-1 - Information technology – ASN.1 encoding - -
rules: Specification of Basic Encoding Rules
(BER), Canonical Encoding Rules (CER)
and Distinguished Encoding Rules (DER)
IEEE-754 - Standard for Floating-Point Arithmetic - -
HMAC - HMAC – Keyed-Hashing for Message - -
Authentication
http://www.ietf.org/rfc/rfc2104.txt
PKCS #1: - PKCS #1 – RSA Cryptography - -
Specifications Version 2.0
http://www.ietf.org/rfc/rfc2437.txt
PKCS #12 - PKCS #12 – Personal Information Exchange - -
Syntax v1.1 http://www.ietf.org/rfc/rfc7292.txt
FIPS 180-4 - Secure Hash Standard (SHS) - -
https://csrc.nist.gov/publications/detail/fips/1
80/4/final
FIPS 197 - Advanced Encryption Standard (AES) - -
https://csrc.nist.gov/publications/detail/fips/1
97/final
UTF-8 - UTF-8, a transformation format of ISO - -
10646 http://www.ietf.org/rfc/rfc3629.txt
RFC 3280 - RFC 3280 – X.509 Public Key Infrastructure - -
Certificate and CRL Profile
http://www.ietf.org/rfc/rfc3280.txt
RFC 4514 - RFC 4514 – LDAP: String Representation of - -
Distinguished Names
http://www.ietf.org/rfc/rfc4514.txt
NTP - RFC 1305 – Network Time Protocol (Version - -
3) Specification, Implementation and
Analysis http://www.ietf.org/rfc/rfc1305.txt
Kerberos - Web Services Security – Kerberos Token - -
Profile 1.1
http://docs.oasis-open.org/wss/v1.1/wss-v1.
1-spec-os-KerberosTokenProfile.pdf
RFC 1738 - RFC 1738 – Uniform Resource Locators - -
(URL) http://www.ietf.org/rfc/rfc1738.txt
RFC 2141 - RFC 2141 – URN Syntax - -
http://www.ietf.org/rfc/rfc2141.txt
RFC 6455 - RFC 6455 – The WebSocket Protocol - -
http://www.ietf.org/rfc/rfc6455.txt
4
---------------------- Page: 6 ----------------------
SIST EN IEC 62541-6:2020
EN IEC 62541-6:2020 (E)
Publication Year Title EN/HD Year
RFC 7523 - JSON Web Token (JWT) Profile for OAuth - -
2.0 Client Authentication and Authorization
Grants https://tools.ietf.org/rfc/rfc7523.txt
RFC 6749 - The OAuth 2.0 Authorization Framework - -
http://www.ietf.org/rfc/rfc6749.txt
OpenID-Core - OpenID Connect Core 1.0 - -
http://openid.net/specs/openid-connect-core-
1_0.html
OpenID-Discovery - OpenID Connect Discovery 1.0 - -
https://openid.net/specs/openid-connect-disc
overy-1_0.html
RFC 6960 - RFC 6960 – X.509 Internet Public Key - -
Infrastructure Online Certificate Status
Protocol – OCSP
https://www.ietf.org/rfc/rfc6960.txt
5
---------------------- Page: 7 ----------------------
SIST EN IEC 62541-6:2020
---------------------- Page: 8 ----------------------
SIST EN IEC 62541-6:2020
IEC 62541-6
®
Edition 3.0 2020-07
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
OPC unified architecture –
Part 6: Mappings
Architecture unifiée OPC –
Partie 6: Mappings
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 25.040.40; 35.100.05 ISBN 978-2-8322-8596-1
Warning! Make sure that you obtained this publication from an authorized distributor.
Attention! Veuillez vous assurer que vous avez obtenu cette publication via un distributeur agréé.
® Registered trademark of the International Electrotechnical Commission
Marque déposée de la Commission Electrotechnique Internationale
---------------------- Page: 9 ----------------------
SIST EN IEC 62541-6:2020
– 2 – IEC 62541-6:2020 © IEC 2020
CONTENTS
FOREWORD . 8
1 Scope . 11
2 Normative references . 11
3 Terms, definitions, abbreviated terms and symbols . 13
3.1 Terms and definitions . 13
3.2 Abbreviated terms and symbols . 14
4 Overview . 14
5 Data encoding . 16
5.1 General . 16
5.1.1 Overview . 16
5.1.2 Built-in Types . 16
5.1.3 Guid . 17
5.1.4 ByteString . 17
5.1.5 ExtensionObject . 17
5.1.6 Variant . 18
5.1.7 Decimal . 18
5.2 OPC UA Binary . 19
5.2.1 General . 19
5.2.2 Built-in Types . 19
5.2.3 Decimal . 30
5.2.4 Enumerations . 30
5.2.5 Arrays . 30
5.2.6 Structures . 31
5.2.7 Structures with optional fields . 33
5.2.8 Unions . 35
5.2.9 Messages . 36
5.3 OPC UA XML . 37
5.3.1 Built-in Types . 37
5.3.2 Decimal . 43
5.3.3 Enumerations . 43
5.3.4 Arrays . 44
5.3.5 Structures . 44
5.3.6 Structures with optional fields . 45
5.3.7 Unions . 45
5.3.8 Messages . 46
5.4 OPC UA JSON . 46
5.4.1 General . 46
5.4.2 Built-in Types . 46
5.4.3 Decimal . 52
5.4.4 Enumerations . 52
5.4.5 Arrays . 52
5.4.6 Structures . 53
5.4.7 Structures with optional fields . 53
5.4.8 Unions . 54
5.4.9 Messages . 54
6 Message SecurityProtocols . 55
---------------------- Page: 10 ----------------------
SIST EN IEC 62541-6:2020
IEC 62541-6:2020 © IEC 2020 – 3 –
6.1 Security handshake . 55
6.2 Certificates . 56
6.2.1 General . 56
6.2.2 Application Instance Certificate. 57
6.2.3 Certificate Chains . 58
6.3 Time synchronization . 58
6.4 UTC and International Atomic Time (TAI) . 58
6.5 Issued User Identity Tokens . 58
6.5.1 Kerberos . 58
6.5.2 JSON Web Token (JWT) . 59
6.5.3 OAuth2 . 60
6.6 WS Secure Conversation . 62
6.7 OPC UA Secure Conversation . 62
6.7.1 Overview . 62
6.7.2 MessageChunk structure . 62
6.7.3 MessageChunks and error handling . 67
6.7.4 Establishing a SecureChannel . 67
6.7.5 Deriving keys . 69
6.7.6 Verifying Message security . 70
7 TransportProtocols . 71
7.1 OPC UA Connection Protocol. 71
7.1.1 Overview . 71
7.1.2 Message structure . 72
7.1.3 Establishing a connection . 75
7.1.4 Closing a connection . 77
7.1.5 Error handling . 77
7.2 OPC UA TCP . 79
7.3 SOAP/HTTP . 79
7.4 OPC UA HTTPS . 79
7.4.1 Overview . 79
7.4.2 Session-less Services . 81
7.4.3 XML Encoding . 81
7.4.4 OPC UA Binary Encoding . 82
7.4.5 JSON Encoding . 82
7.5 WebSockets . 83
7.5.1 Overview . 83
7.5.2 Protocol Mapping . 84
7.5.3 Security . 84
7.6 Well known addresses . 85
8 Normative Contracts . 86
8.1 OPC Binary Schema . 86
8.2 XML Schema and WSDL . 86
8.3 Information Model Schema . 86
8.4 Formal definition of UA Information Model. 86
8.5 Constants . 86
8.6 DataType encoding . 86
8.7 Security configuration . 86
Annex A (normative) Constants . 87
A.1 Attribute Ids . 87
---------------------- Page: 11 ----------------------
SIST EN IEC 62541-6:2020
– 4 – IEC 62541-6:2020 © IEC 2020
A.2 Status Codes . 87
A.3 Numeric Node Ids . 88
Annex B (normative) OPC UA Nodeset . 89
Annex C (normative) Type declarations for the OPC UA native Mapping . 90
Annex D (normative) WSDL for the XML Mapping . 91
D.1 XML Schema . 91
D.2 WDSL Port Types . 91
D.3 WSDL Bindings . 91
Annex E (normative) Security settings management . 92
E.1 Overview. 92
E.2 SecuredApplication . 93
E.3 CertificateIdentifier . 96
E.4 CertificateStoreIdentifier . 98
E.5 CertificateList . 99
E.6 CertificateValidationOptions . 99
Annex F (normative) Information Model XML Schema . 101
F.1 Overview. 101
F.2 UANodeSet . 101
F.3 UANode . 103
F.4 Reference . 104
F.5 RolePermission . 104
F.6 UAType . 104
F.7 UAInstance . 105
F.8 UAVariable . 105
F.9 UAMethod . 106
F.10 TranslationType . 106
F.11 UADataType . 107
F.12 DataTypeDefinition . 108
F.13 DataTypeField . 108
F.14 Variant . 109
F.15 Example. 110
F.16 UANodeSetChanges . 112
F.17 NodesToAdd . 113
F.18 ReferencesToChange . 113
F.19 ReferenceToChange . 114
F.20 NodesToDelete . 114
F.21 NodeToDelete . 114
F.22 UANodeSetChangesStatus . 115
F.23 NodeSetStatusList . 115
F.24 NodeSetStatus . 115
Bibliography . 117
Figure 1 – The OPC UA Stack Overview . 15
Figure 2 – Encoding Integers in a binary stream . 20
Figure 3 – Encoding Floating Points in a binary stream . 20
Figure 4 – Encoding Strings in a binary stream . 21
Figure 5 – Encoding Guids in a binary stream . 22
---------------------- Page: 12 ----------------------
SIST EN IEC 62541-6:2020
IEC 62541-6:2020 © IEC 2020 – 5 –
Figure 6 – Encoding XmlElement in a binary stream . 22
Figure 7 – A String NodeId . 23
Figure 8 – A Two Byte NodeId . 24
Figure 9 – A Four Byte NodeId . 24
Figure 10 – Security handshake . 55
Figure 11 – OPC UA Secure Conversation MessageChunk . 63
Figure 12 – OPC UA Connection Protocol Message structure . 72
Figure 13 – Client initiated OPC UA Connection Protocol connection . 76
Figure 14 – Server initiated OPC UA Connection Protocol connection . 76
Figure 15 – Closing a OPC UA Connection Protocol connection . 77
Figure 16 – Scenarios for the HTTPS Transport . 80
Figure 17 – Setting up Communication over a WebSocket . 84
Table 1 – Built-in Data Types . 16
Table 2 – Guid structure . 17
Table 3 – Layout of Decimal . 19
Table 4 – Supported Floating Point Types . 20
Table 5 – NodeId components . 22
Table 6 – NodeId DataEncoding values . 23
Table 7 – Standard NodeId Binary DataEncoding .
...
SLOVENSKI STANDARD
oSIST prEN IEC 62541-6:2018
01-november-2018
(QRWQDDUKLWHNWXUD23&GHO1DþUWRYDQMH
OPC unified architecture - Part 6: Mappings
OPC Unified Architecture - Teil 6: Protokollabbildungen
Architecture unifiée OPC - Partie 6: Correspondances
Ta slovenski standard je istoveten z: prEN IEC 62541-6:2018
ICS:
25.040.40 Merjenje in krmiljenje Industrial process
industrijskih postopkov measurement and control
35.240.50 Uporabniške rešitve IT v IT applications in industry
industriji
oSIST prEN IEC 62541-6:2018 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
---------------------- Page: 1 ----------------------
oSIST prEN IEC 62541-6:2018
---------------------- Page: 2 ----------------------
oSIST prEN IEC 62541-6:2018
65E/607/CDV
COMMITTEE DRAFT FOR VOTE (CDV)
PROJECT NUMBER:
IEC 62541-6 ED3
DATE OF CIRCULATION: CLOSING DATE FOR VOTING:
2018-08-17 2018-11-09
SUPERSEDES DOCUMENTS:
65E/555/RR
IEC SC 65E : DEVICES AND INTEGRATION IN ENTERPRISE SYSTEMS
SECRETARIAT: SECRETARY:
United States of America Mr Donald (Bob) Lattimer
OF INTEREST TO THE FOLLOWING COMMITTEES: PROPOSED HORIZONTAL STANDARD:
Other TC/SCs are requested to indicate their interest, if any,
in this CDV to the secretary.
FUNCTIONS CONCERNED:
EMC ENVIRONMENT QUALITY ASSURANCE SAFETY
SUBMITTED FOR CENELEC PARALLEL VOTING NOT SUBMITTED FOR CENELEC PARALLEL VOTING
Attention IEC-CENELEC parallel voting
The attention of IEC National Committees, members of
CENELEC, is drawn to the fact that this Committee Draft for
Vote (CDV) is submitted for parallel voting.
The CENELEC members are invited to vote through the
CENELEC online voting system.
This document is still under study and subject to change. It should not be used for reference purposes.
Recipients of this document are invited to submit, with their comments, notification of any relevant patent rights of which
they are aware and to provide supporting documentation.
TITLE:
OPC unified architecture - Part 6: Mappings
PROPOSED STABILITY DATE: 2021
NOTE FROM TC/SC OFFICERS:
Copyright © 2018 International Electrotechnical Commission, IEC. All rights reserved. It is permitted to download this
electronic file, to make a copy and to print out the content for the sole purpose of preparing National Committee positions.
You may not copy or "mirror" the file or printed version of the document, or any part of it, for any other purpose without
permission in writing from IEC.
---------------------- Page: 3 ----------------------
oSIST prEN IEC 62541-6:2018
IEC CDV 62541-6 © IEC 2017 - 2 - 65E/607/CDV
CONTENTS
FIGURES . 4
TABLES . 5
FOREWORD . 8
1 Scope . 11
2 Normative references . 11
3 Terms, definitions and conventions . 13
3.1 Terms and definitions . 13
3.2 Abbreviations and symbols . 14
4 Overview . 14
5 Data encoding . 15
5.1 General . 15
5.1.1 Overview . 15
5.1.2 Built-in Types . 15
5.1.3 Guid . 16
5.1.4 ByteString . 17
5.1.5 ExtensionObject . 17
5.1.6 Variant . 17
5.1.7 Decimal . 18
5.2 OPC UA Binary . 18
5.2.1 General . 18
5.2.2 Built-in Types . 19
5.2.3 Decimal . 27
5.2.4 Enumerations . 27
5.2.5 Arrays . 27
5.2.6 Structures . 27
5.2.7 Structures with optional fields . 29
5.2.8 Unions . 31
5.2.9 Messages . 32
5.3 OPC UA XML . 33
5.3.1 Built-in Types . 33
5.3.2 Decimal . 39
5.3.3 Enumerations . 39
5.3.4 Arrays . 40
5.3.5 Structures . 40
5.3.6 Structures with optional fields . 40
5.3.7 Unions . 41
5.3.8 Messages . 41
5.4 OPC UA JSON . 41
5.4.1 General . 41
5.4.2 Built-in Types . 42
5.4.3 Decimal . 46
5.4.4 Enumerations . 46
5.4.5 Arrays . 46
5.4.6 Structures . 47
5.4.7 Structures with optional fields . 47
5.4.8 Unions . 48
---------------------- Page: 4 ----------------------
oSIST prEN IEC 62541-6:2018
65E/607/CDV - 3 - IEC CDV 62541-6 © IEC 2017
5.4.9 Messages . 48
6 Message Security Protocols . 48
6.1 Security handshake . 48
6.2 Certificates . 50
6.2.1 General . 50
6.2.2 Application Instance Certificate . 50
6.2.3 Certificate Chains . 51
6.3 Time synchronization . 52
6.4 UTC and International Atomic Time (TAI) . 52
6.5 Issued User Identity Tokens . 52
6.5.1 Kerberos . 52
6.5.2 JSON Web Token (JWT) . 52
6.5.3 OAuth2 . 53
6.6 WS Secure Conversation. 55
6.7 OPC UA Secure Conversation . 55
6.7.1 Overview . 55
6.7.2 MessageChunk structure . 55
6.7.3 MessageChunks and error handling . 59
6.7.4 Establishing a Secure Channel . 59
6.7.5 Deriving keys . 61
6.7.6 Verifying Message Security . 62
7 Transport Protocols . 63
7.1 OPC UA Connection Protocol . 63
7.1.1 Overview . 63
7.1.2 Message structure. 63
7.1.3 Establishing a connection . 66
7.1.4 Closing a connection . 67
7.1.5 Error handling . 68
7.2 OPC UA TCP . 69
7.3 SOAP/HTTP . 69
7.4 OPC UA HTTPS . 69
7.4.1 Overview . 69
7.4.2 Session-less Services . 70
7.4.3 XML Encoding . 71
7.4.4 OPC UA Binary Encoding . 72
7.4.5 JSON Encoding . 72
7.5 WebSockets . 72
7.5.1 Overview . 72
7.5.2 Protocol Mapping . 73
7.5.3 Security . 74
7.6 Well known addresses . 74
8 Normative Contracts . 75
8.1 OPC Binary Schema . 75
8.2 XML Schema and WSDL . 75
Annex A (normative) Constants . 76
A.1 Attribute Ids . 76
A.2 Status Codes . 76
A.3 Numeric Node Ids . 76
---------------------- Page: 5 ----------------------
oSIST prEN IEC 62541-6:2018
IEC CDV 62541-6 © IEC 2017 - 4 - 65E/607/CDV
Annex B (normative) OPC UA Nodeset . 78
Annex C (normative) Type declarations for the OPC UA native Mapping . 79
Annex D (normative) WSDL for the XML Mapping . 80
D.1 XML Schema . 80
D.2 WDSL Port Types . 80
D.3 WSDL Bindings . 80
Annex E (normative) Security settings management . 81
E.1 Overview . 81
E.2 SecuredApplication . 82
E.3 CertificateIdentifier . 85
E.4 CertificateStoreIdentifier . 86
E.5 CertificateList . 87
E.6 CertificateValidationOptions . 87
Annex F (normative) Information Model XML Schema . 88
F.1 Overview . 88
F.2 UANodeSet . 88
F.3 UANode . 89
F.4 Reference . 90
F.5 RolePermission . 91
F.6 UAType . 91
F.7 UAInstance . 91
F.8 UAVariable . 92
F.9 UAMethod . 92
F.10 TranslationType . 93
F.11 UADataType . 94
F.12 DataTypeDefinition . 94
F.13 DataTypeField . 94
F.14 Variant . 95
F.15 Example (Informative) . 95
F.16 UANodeSetChanges. 98
F.17 NodesToAdd . 99
F.18 ReferencesToChange . 99
F.19 ReferenceToChange . 99
F.20 NodesToDelete . 100
F.21 NodeToDelete . 100
F.22 UANodeSetChangesStatus . 100
F.23 NodeSetStatusList . 100
F.24 NodeSetStatus . 101
FIGURES
Figure 1 – The OPC UA Stack Overview . 15
Figure 2 – Encoding Integers in a binary stream . 19
Figure 3 – Encoding Floating Points in a binary stream . 19
Figure 4 – Encoding Strings in a binary stream . 20
Figure 5 – Encoding Guids in a binary stream . 21
Figure 6 – Encoding XmlElement in a binary stream . 21
---------------------- Page: 6 ----------------------
oSIST prEN IEC 62541-6:2018
65E/607/CDV - 5 - IEC CDV 62541-6 © IEC 2017
Figure 7 – A String NodeId . 22
Figure 8 – A Two Byte NodeId . 22
Figure 9 – A Four Byte NodeId . 23
Figure 10 – Security handshake . 49
Figure 11 – OPC UA Secure Conversation MessageChunk . 56
Figure 12 – OPC UA Connection Protocol Message structure . 63
Figure 13 – Client initiated OPC UA Connection Protocol connection . 66
Figure 14 – Server initiated OPC UA Connection Protocol connection . 67
Figure 15 – Closing a OPC UA Connection Protocol connection . 67
Figure 16 – Scenarios for the HTTPS Transport . 70
Figure 19 – Setting up Communication over a WebSocket . 73
TABLES
Table 1 – Built-in Data Types . 16
Table 2 – Guid structure . 16
Table 3 – Layout of Decimal . 18
Table 4 – Supported Floating Point Types . 19
Table 5 – NodeId components . 21
Table 6 – NodeId Data Encoding values . 22
Table 7 – Standard NodeId Binary Data Encoding . 22
Table 8 – Two Byte NodeId Binary Data Encoding . 22
Table 9 – Four Byte NodeId Binary Data Encoding . 23
Table 10 – ExpandedNodeId Binary Data Encoding . 23
Table 11 – DiagnosticInfo Binary Data Encoding . 24
Table 12 – QualifiedName Binary Data Encoding . 24
Table 13 – LocalizedText Binary Data Encoding . 25
Table 14 – Extension Object Binary Data Encoding . 25
Table 15 – Variant Binary Data Encoding . 26
Table 16 – Data Value Binary Data Encoding . 27
Table 17 – Sample OPC UA Binary Encoded structure . 28
Table 17 – Sample OPC UA Binary Encoded Structure with optional fields . 30
Table 18 – Sample OPC UA Binary Encoded Structure . 32
Table 18 – XML Data Type Mappings for Integers . 33
Table 19 – XML Data Type Mappings for Floating Points . 33
Table 20 – Components of NodeId . 35
Table 21 – Components of ExpandedNodeId . 36
Table 22 – Components of Enumeration . 39
Table 23 – JSON Object Definition for a NodeId . 43
Table 24 – JSON Object Definition for an ExpandedNodeId . 43
Table 25 – JSON Object Definition for a StatusCode . 44
Table 26 – JSON Object Definition for a DiagnosticInfo . 44
Table 27 – JSON Object Definition for a QualifiedName . 45
---------------------- Page: 7 ----------------------
oSIST prEN IEC 62541-6:2018
IEC CDV 62541-6 © IEC 2017 - 6 - 65E/607/CDV
Table 28 – JSON Object Definition for a LocalizedText. 45
Table 29 – JSON Object Definition for a ExtensionObject . 45
Table 30 – JSON Object Definition for a Variant . 45
Table 31 – JSON Object Definition for a DataValue . 46
Table 32 – JSON Object Definition for a Decimal . 46
Table 33 – JSON Object Definition for a Structures with Optional Fields. 47
Table 34 – JSON Object Definition for a Union . 48
Table 35 – SecurityPolicy . 49
Table 36 – Application Instance Certificate . 51
Table 37 – Kerberos UserTokenPolicy . 52
Table 38 – JWT UserTokenPolicy . 53
Table 39 – JWT IssuerEndpointUrl Definition . 53
Table 40 – Access Token Claims . 54
Table 41 – OPC UA Secure Conversation Message header . 56
Table 42 – Asymmetric algorithm Security header . 57
Table 43 – Symmetric algorithm Security header . 58
Table 44 – Sequence header . 58
Table 45 – OPC UA Secure Conversation Message footer . 58
Table 46 – OPC UA Secure Conversation Message abort body . 59
Table 47 – OPC UA Secure Conversation OpenSecureChannel Service . 60
Table 48 – PRF inputs for RSA based SecurityPolicies . 61
Table 49 – Cryptography key generation parameters . 61
Table 50 – OPC UA Connection Protocol Message header . 64
Table 51 – OPC UA Connection Protocol Hello Message. 64
Table 52 – OPC UA Connection Protocol Acknowledge Message . 65
Table 53 – OPC UA Connection Protocol Error Message . 65
Table 54 – OPC UA Connection Protocol ReverseHello Message . 65
Table 55 – OPC UA Connection Protocol error codes . 68
Table 57 – WebSocket Protocols Mappings . 73
Table 58 – Well known addresses for Local Discovery Servers. 74
Table A.1 – Identifiers assigned to Attributes . 76
Table E.1 – SecuredApplication. 82
Table E.2 – CertificateIdentifier . 85
Table E.3 – Structured directory store . 86
Table E.4 – CertificateStoreIdentifier . 86
Table E.5 – CertificateList . 87
Table E.6 – CertificateValidationOptions . 87
Table F.1 – UANodeSet. 89
Table F.2 – UANode . 90
Table F.3 – Reference . 91
Table F.4 – RolePermission . 91
Table F.5 – UANodeSet Type Nodes . 91
Table F.6 – UANodeSet Instance Nodes . 91
---------------------- Page: 8 ----------------------
oSIST prEN
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.