This website uses cookies primarily for visitor analytics. Certain pages will ask you to fill in contact details to receive additional information. On these pages you have the option of having the site log your details for future visits. Indicating you want the site to remember your details will place a cookie on your device. To view our full cookie policy, please click here. You can also view it at any time by going to our Contact Us page.

Secure data exchange: OPC UA guidelines

08 April 2018

A whitepaper entitled ‘Practical Security Recommendations’ offers guidance for industry on ensuring secure data exchange and communication.

Published by the OPC Foundation the document offers practical and easy to understand advice for the secure configuration and use of OPC UA in industry.?

Rapid growth in the networking and digitisation of industrial systems brings new security challenges which must be addressed systematically. In particular, beyond the need for implementing secure network infrastructures, it is essential to protect product and production data. 

“Currently, users and developers are overwhelmed with making security decisions. Incorrect use of security features causes many security vulnerabilities, due to difficulties to use software and a lack of security knowledge. Documentation, tutorials, and good examples are often missing,” said Prof Dr Eric Bodden, professor of Software Engineering at Paderborn University and director of Software Engineering at Fraunhofer IEM.?

To help address this challenge, the OPC Foundation established a security user group with the aim of developing best practices and guidelines for typical OPC UA security use cases. ?

The German government sanctioned organisation, Intelligent Technical Systems OstWestfalenLippe (it’s OWL) supplied the group with key use cases and requirements to help ensure output addresses users’ real-world orientation and practical knowledge needs.  “OPC UA is secure by design, but you actually have to use the security features it provides to reap the benefits,” said Erich Barnstedt, principal software engineering Lead, Azure Industrial IoT at Microsoft. “The security configuration task can be simplified dramatically when an OPC UA server is secure by default, i.e. all security features are already turned on when the customer takes the server out of the box for the first time. It is also important for the device vendors to make the security configuration as simple as possible, for example by providing wizards and easy to understand guidelines. We can’t expect OPC UA server users to be security experts.”

A second whitepaper presenting best practices and selected use cases for a secure implementation and operation of OPC UA is expected to be released later in 2018.

The document is on the OPC Foundation website:

Contact Details and Archive...

Print this page | E-mail this page