KEYnote 33 English - Spring 2017 | Page 12

INFORMATION

OPC UA and CodeMeter

OPC Unified Architecture (UA) is increasingly establishing itself as the accepted standard in the automation industry. The open IEC 62541 standard guarantees platform independence, object orientation, and type safety, and now adds IT security as another technological cornerstone. It is completely interoperable from the smallest device to enterprise-level IT, and even cloud solutions. As a world-leading protection and licensing technology, CodeMeter is an ideal partner for OPC UA, storing keys and certificates in secure hardware and adding not just greater security, but also new business opportunities with licensing for OPC UA devices.

OPC UA offers exceptional security on the protocol level

OPC UA is more than a communication protocol. The open standard covers:
■ Confidentiality: Encrypting data
■ Integrity: Signing data
■ Application authentication
■ User authentication
■ User authorization
■ Auditing
■ Availability

[Figure: OPC UA security architecture. The OPC UA Client and the OPC UA Server each show an Application Layer (User Authorization, User Authentication) and a Communication Layer (Confidentiality, Integrity, App Authentication), connected via Session, Secure Channel, and Transport Layer. Source: OPC Foundation]

It offers authentication on the transport layer, with X.509 certificates and trust managed with a public key infrastructure. OPC UA also guarantees top security during data transmission.

Broad support

OPC UA has won extensive support, e.g. from the Industrial Internet Consortium (IIC), the Chinese Alliance Industrial Internet (AII), and Plattform Industrie 4.0. Germany’s Federal Office of Information Security has evaluated its security. It will not be the only standard accepted around the world: DDS by the Object Management Group (OMG), for example, is also available, and its use depends on the specific application.

Endpoint security

In a connected world, all endpoints need to be secure, whether they are sensors or actuators, controllers, or historians in the cloud.
[Figure: endpoint tiers: Cloud Computing; Computational Network (Core, Fog); Edge]
The Industrial Internet Security Framework (IISF) published in September 2016 describes the many elements of endpoint protection.
Holistic security does not stop at the protocol layer
In addition to communication, the security of endpoints is just as important.
Endpoints are where operating systems, libraries, drivers, and applications are exposed