OPC Unified Architecture - Part 6: Mappings (IEC 62541-6:2015)

This part of IEC 62541 specifies the OPC Unified Architecture (OPC UA) mapping between
the security model described in IEC TR 62541-2, the abstract service definitions, described in
IEC 62541-4, the data structures defined in IEC 62541-5 and the physical network protocols
that can be used to implement the OPC UA specification.

OPC unified architecture - Part 6: Mappings (IEC 62541-6:2015)

Architecture unifiée OPC - Partie 6: Correspondances (IEC 62541-6:2015)

L'IEC 62541-6:2015 spécifie les correspondances de l'architecture unifiée OPC (OPC UA) entre le modèle de sécurité décrit dans l'IEC TR 62541-2, les définitions de services abstraits décrites dans l'IEC 62541-4, les structures de données définies dans l'IEC 62541-5 et les protocoles de réseaux physiques qui peuvent être utilisés pour mettre en oeuvre la spécification OPC UA. Cette deuxième édition annule et remplace la première édition parue en 2011. Elle constitue une révision technique. Elle inclut les modifications suivantes:
- Un nouveau protocole de transport HTTPS;
- Ajout d'un octet de remplissage supplémentaire pour gérer les tailles des clés asymétriques de longueur supérieure à 2048 bits. Définition des erreurs fixes dans les URI d'action SOAP;
- Ajout du schéma de l'Ensemble de Noeuds UA (UANodeSet) défini à l'Annexe F.

Enotna arhitektura OPC - 6. del: Načrtovanje (IEC 62541-6:2015)

Ta del standarda IEC 62541 določa načrtovanje enotne arhitekture OPC (OPC UA) med zaščitnim modelom iz standarda IEC TR 62541-2, definicijami abstraktnih storitev iz standarda IEC 62541-4, podatkovnimi strukturami iz standarda IEC 62541-5 in fizičnimi omrežnimi protokoli, ki jih je mogoče uporabiti za izvajanje specifikacije enotne arhitekture OPC.

General Information

Status
Withdrawn
Publication Date
09-Sep-2015
Withdrawal Date
30-May-2023
Current Stage
9900 - Withdrawal (Adopted Project)
Start Date
30-May-2023
Due Date
22-Jun-2023
Completion Date
31-May-2023

Relations

Buy Standard

Standard
EN 62541-6:2015 - BARVE
English language
87 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST EN 62541-6:2015
01-oktober-2015
1DGRPHãþD
SIST EN 62541-6:2012
(QRWQDDUKLWHNWXUD23&GHO1DþUWRYDQMH ,(&
OPC Unified Architecture - Part 6: Mappings (IEC 62541-6:2015)
OPC unified architecture - Part 6: Mappings (IEC 62541-6:2015)
Architecture unifiée OPC - Partie 6: Correspondances (IEC 62541-6:2015)
Ta slovenski standard je istoveten z: EN 62541-6:2015
ICS:
25.040.40 Merjenje in krmiljenje Industrial process
industrijskih postopkov measurement and control
35.240.50 Uporabniške rešitve IT v IT applications in industry
industriji
SIST EN 62541-6:2015 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------

SIST EN 62541-6:2015

---------------------- Page: 2 ----------------------

SIST EN 62541-6:2015


EUROPEAN STANDARD EN 62541-6

NORME EUROPÉENNE

EUROPÄISCHE NORM
May 2015
ICS 25.040.40; 35.100 Supersedes EN 62541-6:2011
English Version
OPC unified architecture - Part 6: Mappings
(IEC 62541-6:2015)
Architecture unifiée OPC - Partie 6: Correspondances OPC Unified Architecture - Teil 6: Protokollabbildungen
(IEC 62541-6:2015) (IEC 62541-6:2015)
This European Standard was approved by CENELEC on 2015-04-29. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia,
Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.


European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2015 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
 Ref. No. EN 62541-6:2015 E

---------------------- Page: 3 ----------------------

SIST EN 62541-6:2015
EN 62541-6:2015 - 2 -
Foreword
The text of document 65E/377/CDV, future edition 2 of IEC 62541-6, prepared by SC 65E "Devices
and integration in enterprise systems", of IEC/TC 65 "Industrial-process measurement, control and
automation" was submitted to the IEC-CENELEC parallel vote and approved by CENELEC as
EN 62541-6:2015.
The following dates are fixed:
• latest date by which the document has to be implemented at (dop) 2016-01-29
national level by publication of an identical national
standard or by endorsement
(dow) 2018-04-29
• latest date by which the national standards conflicting with
the document have to be withdrawn

This document supersedes EN 62541-6:2011.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC [and/or CEN] shall not be held responsible for identifying any or all such
patent rights.
This document has been prepared under a mandate given to CENELEC by the European Commission
and the European Free Trade Association, and supports essential requirements of EU Directive(s).
Endorsement notice
The text of the International Standard IEC 62541-6:2015 was approved by CENELEC as a European
Standard without any modification.

---------------------- Page: 4 ----------------------

SIST EN 62541-6:2015
- 3 - EN 62541-6:2015
Annex ZA
(normative)

Normative references to international publications
with their corresponding European publications
The following documents, in whole or in part, are normatively referenced in this document and are
indispensable for its application. For dated references, only the edition cited applies. For undated
references, the latest edition of the referenced document (including any amendments) applies.
NOTE 1 When an International Publication has been modified by common modifications, indicated by (mod),
the relevant EN/HD applies.
NOTE 2 Up-to-date information on the latest versions of the European Standards listed in this annex is
available here: www.cenelec.eu.

Publication Year Title EN/HD Year
IEC/TR 62541-1 -  OPC unified architecture - CLC/TR 62541-1 -
Part 1: Overview and concepts
IEC/TR 62541-2 -  OPC unified architecture - CLC/TR 62541-2 -
Part 2: Security model
IEC 62541-3 -  OPC unified architecture - EN 62541-3 -
Part 3: Address Space Model
IEC 62541-4 -  OPC Unified Architecture - EN 62541-4 -
Part 4: Services
IEC 62541-5 -  OPC unified architecture - EN 62541-5 -
Part 5: Information Model
IEC 62541-7 -  OPC unified architecture - EN 62541-7 -
Part 7: Profiles
IEEE 754 2008 IEEE Standard for Binary Floating-Point - -
Arithmetic
ITU-T X.509 -  Information technology - Open systems - -
interconnection - The Directory: Public-key
and attribute certificate frameworks
ITU-T X.690 2002 Information technology - ASN.1 encoding - -
rules: Specification of Basic Encoding
Rules (BER), Canonical Encoding Rules
(CER) and Distinguished Encoding Rules
(DER)
FIPS PUB 180-2 2002 Secure Hash Standard - -
FIPS PUB 197 2001 Advanced Encryption Standard (AES) - -
RFC 1305 1992 Network Time Protocol (Version 3) - - -
Specification, Implementation and Analysis
RFC 2104 1997 HMAC: Keyed-Hashing for Message - -
Authentication
RFC 2437 1998 PKCS #1: RSA Cryptography - -
Specifications Version 2.0

---------------------- Page: 5 ----------------------

SIST EN 62541-6:2015
EN 62541-6:2015 - 4 -
Publication Year Title EN/HD Year
RFC 2616 1999 Hypertext Transfer Protocol - HTTP/1.1 - -
RFC 3280 2002 Internet X.509 Public Key Infrastructure - -
Certificate and Certificate Revocation List
(CRL) Profile
RFC 3548 2003 The Base16, Base32, and Base64 Data - -
Encodings
RFC 3629 2003 UTF-8, a transformation format of - -
ISO 10646
RFC 4514 2006 Lightweight Directory Access Protocol - -
(LDAP): String Representation of
Distinguished Names
RFC 5246 2008 The Transport Layer Security (TLS) - -
Protocol Version 1.2
SOAP Part 1 2007 SOAP Version 1.2 - - -
Part 1: Messaging Framework
SOAP Part 2 2007 SOAP Version 1.2 - - -
Part 2: Adjuncts
WS-Addressing 2004 Web Services Addressing - -
(WS-Addressing)
XML Encryption 2002 XML Encryption Syntax and Processing - -
XML Schema Part 1 2004 XML Schema - - -
Part 1: Structures
XML Schema Part 2 2004 XML Schema - - -
Part 2: Datatypes
XML Signature 2008 XML Signature Syntax and Processing - -

---------------------- Page: 6 ----------------------

SIST EN 62541-6:2015




IEC 62541-6

®


Edition 2.0 2015-03




INTERNATIONAL



STANDARD




NORME



INTERNATIONALE
colour

inside










OPC unified architecture –

Part 6: Mappings




Architecture unifiée OPC –

Partie 6: Correspondances















INTERNATIONAL

ELECTROTECHNICAL

COMMISSION


COMMISSION

ELECTROTECHNIQUE


INTERNATIONALE




ICS 25.040.40; 35.100 ISBN 978-2-8322-2373-4



Warning! Make sure that you obtained this publication from an authorized distributor.

Attention! Veuillez vous assurer que vous avez obtenu cette publication via un distributeur agréé.

® Registered trademark of the International Electrotechnical Commission
Marque déposée de la Commission Electrotechnique Internationale

---------------------- Page: 7 ----------------------

SIST EN 62541-6:2015
– 2 – IEC 62541-6:2015 © IEC 2015
CONTENTS
FOREWORD . 7
1 Scope . 9
2 Normative references . 9
3 Terms, definitions, abbreviations and symbols . 11
3.1 Terms and definitions . 11
3.2 Abbreviations and symbols . 11
4 Overview . 12
5 Data encoding . 13
5.1 General . 13
5.1.1 Overview . 13
5.1.2 Built-in Types . 13
5.1.3 Guid . 14
5.1.4 ByteString . 15
5.1.5 ExtensionObject` . 15
5.1.6 Variant . 15
5.2 OPC UA Binary . 16
5.2.1 General. 16
5.2.2 Built-in Types . 16
5.2.3 Enumerations. 25
5.2.4 Arrays . 25
5.2.5 Structures . 25
5.2.6 Messages . 26
5.3 XML . 26
5.3.1 Built-in Types . 26
5.3.2 Enumerations. 33
5.3.3 Arrays . 33
5.3.4 Structures . 33
5.3.5 Messages . 34
6 Message SecurityProtocols . 34
6.1 Security handshake . 34
6.2 Certificates . 35
6.2.1 General. 35
6.2.2 Application Instance Certificate . 36
6.2.3 Signed Software Certificate. 36
6.3 Time synchronization . 37
6.4 UTC and International Atomic Time (TAI) . 37
6.5 Issued User Identity Tokens – Kerberos . 38
6.6 WS Secure Conversation . 38
6.6.1 Overview . 38
6.6.2 Notation . 40
6.6.3 Request Security Token (RST/SCT) . 40
6.6.4 Request Security Token Response (RSTR/SCT) . 41
6.6.5 Using the SCT . 42
6.6.6 Cancelling Security contexts . 42
6.7 OPC UA Secure Conversation . 43
6.7.1 Overview . 43

---------------------- Page: 8 ----------------------

SIST EN 62541-6:2015
IEC 62541-6:2015 © IEC 2015 – 3 –
6.7.2 MessageChunk structure . 43
6.7.3 MessageChunks and error handling . 46
6.7.4 Establishing a SecureChannel . 47
6.7.5 Deriving keys . 48
6.7.6 Verifying Message Security . 49
7 Transport Protocols . 50
7.1 OPC UA TCP . 50
7.1.1 Overview . 50
7.1.2 Message structure . 50
7.1.3 Establishing a connection . 52
7.1.4 Closing a connection. 53
7.1.5 Error handling . 54
7.1.6 Error recovery . 54
7.2 SOAP/HTTP . 56
7.2.1 Overview . 56
7.2.2 XML Encoding . 56
7.2.3 OPC UA Binary Encoding . 57
7.3 HTTPS . 57
7.3.1 Overview . 57
7.3.2 XML Encoding . 59
7.3.3 OPC UA Binary Encoding . 60
7.4 Well known addresses . 60
8 Normative Contracts . 61
8.1 OPC Binary Schema . 61
8.2 XML Schema and WSDL . 61
Annex A (normative) Constants . 62
A.1 Attribute Ids . 62
A.2 Status Codes . 62
A.3 Numeric Node Ids . 62
Annex B (normative) OPC UA Nodeset . 64
Annex C (normative) Type declarations for the OPC UA native Mapping . 65
Annex D (normative) WSDL for the XML Mapping . 66
D.1 XML Schema . 66
D.2 WDSL Port Types . 66
D.3 WSDL Bindings . 66
Annex E (normative) Security settings management . 67
E.1 Overview. 67
E.2 SecuredApplication . 68
E.3 CertificateIdentifier . 71
E.4 CertificateStoreIdentifier . 73
E.5 CertificateList . 73
E.6 CertificateValidationOptions . 73
Annex F (normative) Information Model XML Schema . 75
F.1 Overview. 75
F.2 UANodeSet . 75
F.3 UANode . 76
F.4 Reference . 76
F.5 UAType . 77

---------------------- Page: 9 ----------------------

SIST EN 62541-6:2015
– 4 – IEC 62541-6:2015 © IEC 2015
F.6 UAInstance . 77
F.7 UAVariable . 77
F.8 UAMethod . 78
F.9 TranslationType . 78
F.10 UADataType . 79
F.11 DataTypeDefinition . 79
F.12 DataTypeField . 80
F.13 Variant . 80
F.14 Example (Informative) . 81

Figure 1 – The OPC UA Stack Overview . 13
Figure 2 – Encoding Integers in a binary stream . 16
Figure 3 – Encoding Floating Points in a binary stream . 17
Figure 4 – Encoding Strings in a binary stream . 17
Figure 5 – Encoding Guids in a binary stream . 18
Figure 6 – Encoding XmlElements in a binary stream . 19
Figure 7 – A String NodeId . 20
Figure 8 – A Two Byte NodeId . 20
Figure 9 – A Four Byte NodeId . 21
Figure 10 – Security handshake . 34
Figure 11 – Relevant XML Web Services specifications . 39
Figure 12 – The WS Secure Conversation handshake . 39
Figure 13 – OPC UA Secure Conversation MessageChunk . 43
Figure 14 – OPC UA TCP Message structure . 52
Figure 15 – Establishing a OPC UA TCP connection . 53
Figure 16 – Closing a OPC UA TCP connection . 53
Figure 17 – Recovering an OPC UA TCP connection . 55
Figure 18 – Scenarios for the HTTPS Transport . 58

Table 1 – Built-in Data Types . 14
Table 2 – Guid structure . 14
Table 3 – Supported Floating Point Types . 17
Table 4 – NodeId components . 19
Table 5 – NodeId DataEncoding values . 19
Table 6 – Standard NodeId Binary DataEncoding . 19
Table 7 – Two Byte NodeId Binary DataEncoding . 20
Table 8 – Four Byte NodeId Binary DataEncoding. 20
Table 9 – ExpandedNodeId Binary DataEncoding . 21
Table 10 – DiagnosticInfo Binary DataEncoding . 22
Table 11 – QualifiedName Binary DataEncoding . 22
Table 12 – LocalizedText Binary DataEncoding . 22
Table 13 – Extension Object Binary DataEncoding. 23
Table 14 – Variant Binary DataEncoding . 24
Table 15 – Data Value Binary DataEncoding . 25

---------------------- Page: 10 ----------------------

SIST EN 62541-6:2015
IEC 62541-6:2015 © IEC 2015 – 5 –
Table 16 – Sample OPC UA Binary Encoded structure . 26
Table 17 – XML Data Type Mappings for Integers . 27
Table 18 – XML Data Type Mappings for Floating Points . 27
Table 19 – Components of NodeId . 29
Table 20 – Components of ExpandedNodeId . 30
Table 21 – Components of Enumeration . 33
Table 22 – SecurityPolicy . 35
Table 23 – ApplicationInstanceCertificate . 36
Table 24 – SignedSoftwareCertificate . 37
Table 25 – Kerberos UserTokenPolicy . 38
Table 26 – WS-* Namespace prefixes . 40
Table 27 – RST/SCT Mapping to an OpenSecureChannel Request . 41
Table 28 – RSTR/SCT Mapping to an OpenSecureChannel Response . 42
Table 29 – OPC UA Secure Conversation Message header . 44
Table 30 – Asymmetric algorithm Security header . 44
Table 31 – Symmetric algorithm Security header . 45
Table 32 – Sequence header . 45
Table 33 – OPC UA Secure Conversation Message footer . 46
Table 34 – OPC UA Secure Conversation Message abort body . 47
Table 35 – OPC UA Secure Conversation OpenSecureChannel Service . 47
Table 36 – Cryptography key generation parameters . 49
Table 37 – OPC UA TCP Message header . 50
Table 38 – OPC UA TCP Hello Message . 51
Table 39 – OPC UA TCP Acknowledge Message . 51
Table 40 – OPC UA TCP Error Message . 52
Table 41 – OPC UA TCP error codes . 54
Table 42 – WS-Addressing headers . 56
Table 43 – Well known addresses for Local Discovery Servers . 60
Table A.1 – Identifiers assigned to Attributes . 62
Table E.1 – SecuredApplication . 69
Table E.2 – CertificateIdentifier . 71
Table E.3 – Structured directory store . 72
Table E.4 – CertificateStoreIdentfier . 73
Table E.5 – CertificateList . 73
Table E.6 – CertificateValidationOptions . 74
Table F.1 – UANodeSet . 75
Table F.2 – UANode . 76
Table F.3 – Reference . 77
Table F.4 – UANodeSet Type Nodes. 77
Table F.5 – UANodeSet Instance Nodes . 77
Table F.6 – UAInstance .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.