BS EN IEC 62541-7:2020
$215.11
OPC unified architecture – Profiles
| Published By | Publication Date | Number of Pages |
| BSI | 2020 | 132 |
IEC 62541-7:2020 is available as IEC 62541-7:2020 RLV which contains the International Standard and its Redline version, showing all changes of the technical content compared to the previous edition.
IEC 62541-7:2020 defines the OPC Unified Architecture (OPC UA) Profiles. The Profiles in this document are used to segregate features with regard to testing of OPC UA products and the nature of the testing (tool based or lab based). This includes the testing performed by the OPC Foundation provided OPC UA CTT (a self-test tool) and by the OPC Foundation provided Independent certification test labs. This could equally as well refer to test tools provided by another organization or a test lab provided by another organization. What is important is the concept of automated tool-based testing versus lab-based testing. The scope of this standard includes defining functionality that can only be tested in a lab and defining the grouping of functionality that is to be used when testing OPC UA products either in a lab or using automated tools. The definition of actual TestCases is not within the scope of this document, but the general categories of TestCases are within the scope of this document. Most OPC UA applications will conform to several, but not all, of the Profiles. This third edition cancels and replaces the second edition published in 2015. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: a) new functional Profiles: • profiles for global discovery and global certificate management; • profiles for global KeyCredential management and global access token management; • facet for durable subscriptions; • standard UA Client Profile; • profiles for administration of user roles and permissions. b) new transport Profiles: • HTTPS with JSON encoding; • secure WebSockets (WSS) with binary or JSON encoding; • reverse connectivity. c) new security Profiles: • transportSecurity – TLS 1.2 with PFS (with perfect forward secrecy); • securityPolicy [A] – Aes128-Sha256-RsaOaep (replaces Base128Rsa15); • securityPolicy – Aes256-Sha256-RsaPss adds perfect forward secrecy for UA TCP); • user Token JWT (Jason Web Token). d) deprecated Security Profiles (due to broken algorithms): • securityPolicy – Basic128Rsa15 (broken algorithm Sha1); • securityPolicy – Basic256 (broken algorithm Sha1); • transportSecurity – TLS 1.0 (broken algorithm RC4); • transportSecurity – TLS 1.1 (broken algorithm RC4). e) deprecated Transport (missing support on most platforms): • SOAP/HTTP with WS-SecureConversation (all encodings).
PDF Catalog
| PDF Pages | PDF Title |
|---|---|
| 2 | undefined |
| 5 | Annex ZA(normative)Normative references to international publicationswith their corresponding European publications |
| 7 | English CONTENTS |
| 17 | FOREWORD |
| 20 | 1 Scope 2 Normative references |
| 21 | 3 Terms, definitions, and abbreviated terms 3.1 Terms and definitions |
| 22 | 3.2 Abbreviated terms 4 Overview 4.1 General |
| 23 | 4.2 ConformanceUnit 4.3 Profiles Figures Figure 1 – Profile – ConformanceUnit – TestCases |
| 24 | 4.4 Profile Categories 5 Conformance Units 5.1 Overview Tables Table 1 – Profile Categories |
| 25 | 5.2 Services Table 2 – Conformance Groups |
| 26 | Table 3 – Discovery Services |
| 27 | Table 4 – Session Services |
| 28 | Table 5 – Node Management Services |
| 29 | Table 6 – View Services |
| 30 | Table 7 – Attribute Services |
| 31 | Table 8 – Method Services |
| 32 | Table 9 – Monitored Item Services |
| 34 | Table 10 – Subscription Services |
| 35 | 5.3 Transport and communication related features |
| 36 | Table 11 – Security |
| 43 | 5.4 Information Model and AddressSpace related features Table 12 – Protocol and Encoding |
| 44 | Table 13 – Base Information |
| 46 | Table 14 – Address Space Model |
| 47 | Table 15 – Data Access |
| 48 | Table 16 – Alarms and Conditions |
| 51 | Table 17 – Historical Access |
| 54 | Table 18 – Aggregates |
| 59 | Table 19 – Auditing Table 20 – Redundancy |
| 60 | 5.5 Miscellaneous Table 21 – Global Discovery Server |
| 61 | Table 22 – Miscellaneous |
| 62 | 6 Profiles 6.1 Overview 6.2 Profile list |
| 63 | Table 23 – Profile list |
| 69 | 6.3 Conventions for Profile definitions 6.4 Profile versioning 6.5 Applications Figure 2 – HMI Client sample |
| 70 | Figure 3 – Embedded Server sample Figure 4 – Standard UA Server sample |
| 71 | 6.6 Profile tables 6.6.1 General 6.6.2 Core Server Facet 6.6.3 Core 2017 Server Facet |
| 72 | 6.6.4 Sessionless Server Facet 6.6.5 Reverse Connect Server Facet Table 24 – Core 2017 Server Facet Table 25 – Sessionless Server Facet |
| 73 | 6.6.6 Base Server Behaviour Facet 6.6.7 Request State Change Server Facet 6.6.8 Subnet Discovery Server Facet 6.6.9 Global Certificate Management Server Facet Table 26 – Reverse Connect Server Facet Table 27 – Base Server Behaviour Facet Table 28 – Request State Change Server Facet Table 29 – Subnet Discovery Server Facet |
| 74 | 6.6.10 Authorization Service Server Facet 6.6.11 KeyCredential Service Server Facet 6.6.12 Attribute WriteMask Server Facet 6.6.13 File Access Server Facet Table 30 – Global Certificate Management Server Facet Table 31 – Authorization Service Server Facet Table 32 – KeyCredential Service Server Facet Table 33 – Attribute WriteMask Server Facet |
| 75 | 6.6.14 Documentation Server Facet 6.6.15 Embedded DataChange Subscription Server Facet 6.6.16 Standard DataChange Subscription Server Facet Table 34 – File Access Server Facet Table 35 – Documentation Server Facet Table 36 – Embedded DataChange Subscription Server Facet |
| 76 | 6.6.17 Standard DataChange Subscription 2017 Server Facet 6.6.18 Enhanced DataChange Subscription Server Facet 6.6.19 Enhanced DataChange Subscription 2017 Server Facet 6.6.20 Durable Subscription Server Facet Table 37 – Standard DataChange Subscription 2017 Server Facet Table 38 – Enhanced DataChange Subscription 2017 Server Facet |
| 77 | 6.6.21 Data Access Server Facet 6.6.22 ComplexType Server Facet 6.6.23 ComplexType 2017 Server Facet Table 39 – Durable Subscription Server Facet Table 40 – Data Access Server Facet |
| 78 | 6.6.24 Standard Event Subscription Server Facet Table 41 – ComplexType 2017 Server Facet Table 42 – Standard Event Subscription Server Facet |
| 79 | 6.6.25 Address Space Notifier Server Facet 6.6.26 A & C Base Condition Server Facet 6.6.27 A & C Refresh2 Server Facet 6.6.28 A & C Address Space Instance Server Facet Table 43 – Address Space Notifier Server Facet Table 44 – A & C Base Condition Server Facet Table 45 – A & C Refresh2 Server Facet |
| 80 | 6.6.29 A & C Enable Server Facet 6.6.30 A & C AlarmMetrics Server Facet 6.6.31 A & C Alarm Server Facet Table 46 – A & C Address Space Instance Server Facet Table 47 – A & C Enable Server Facet Table 48 – A & C AlarmMetrics Server Facet |
| 81 | 6.6.32 A & C Acknowledgeable Alarm Server Facet 6.6.33 A & C Exclusive Alarming Server Facet Table 49 – A & C Alarm Server Facet Table 50 – A & C Acknowledgeable Alarm Server Facet |
| 82 | 6.6.34 A & C Non-Exclusive Alarming Server Facet 6.6.35 A & C Previous Instances Server Facet 6.6.36 A & C Dialog Server Facet Table 51 – A & C Exclusive Alarming Server Facet Table 52 – A & C Non-Exclusive Alarming Server Facet Table 53 – A & C Previous Instances Server Facet |
| 83 | 6.6.37 A & C CertificateExpiration Server Facet 6.6.38 A & E Wrapper Facet Table 54 – A & C Dialog Server Facet Table 55 – A & C CertificateExpiration Server Facet |
| 84 | 6.6.39 Method Server Facet 6.6.40 Auditing Server Facet Table 56 – A & E Wrapper Facet Table 57 – Method Server Facet |
| 85 | 6.6.41 Node Management Server Facet 6.6.42 User Role Base Server Facet 6.6.43 User Role Management Server Facet Table 58 – Auditing Server Facet Table 59 – Node Management Server Facet Table 60 – User Role Base Server Facet |
| 86 | 6.6.44 State Machine Server Facet 6.6.45 Client Redundancy Server Facet 6.6.46 Redundancy Transparent Server Facet Table 61 – User Role Management Server Facet Table 62 – State Machine Server Facet Table 63 – Client Redundancy Server Facet Table 64 – Redundancy Transparent Server Facet |
| 87 | 6.6.47 Redundancy Visible Server Facet 6.6.48 Historical Raw Data Server Facet 6.6.49 Historical Aggregate Server Facet Table 65 – Redundancy Visible Server Facet Table 66 – Historical Raw Data Server Facet |
| 88 | 6.6.50 Historical Data AtTime Server Facet Table 67 – Historical Aggregate Server Facet |
| 89 | 6.6.51 Historical Access Modified Data Server Facet 6.6.52 Historical Annotation Server Facet 6.6.53 Historical Data Insert Server Facet 6.6.54 Historical Data Update Server Facet Table 68 – Historical Data AtTime Server Facet Table 69 – Historical Access Modified Data Server Facet Table 70 – Historical Annotation Server Facet Table 71 – Historical Data Insert Server Facet |
| 90 | 6.6.55 Historical Data Replace Server Facet 6.6.56 Historical Data Delete Server Facet 6.6.57 Historical Access Structured Data Server Facet 6.6.58 Base Historical Event Server Facet Table 72 – Historical Data Update Server Facet Table 73 – Historical Data Replace Server Facet Table 74 – Historical Data Delete Server Facet Table 75 – Historical Access Structured Data Server Facet |
| 91 | 6.6.59 Historical Event Update Server Facet 6.6.60 Historical Event Replace Server Facet 6.6.61 Historical Event Insert Server Facet 6.6.62 Historical Event Delete Server Facet Table 76 – Base Historical Event Server Facet Table 77 – Historical Event Update Server Facet Table 78 – Historical Event Replace Server Facet Table 79 – Historical Event Insert Server Facet Table 80 – Historical Event Delete Server Facet |
| 92 | 6.6.63 Aggregate Subscription Server Facet Table 81 – Aggregate Subscription Server Facet |
| 93 | 6.6.64 Nano Embedded Device Server Profile 6.6.65 Nano Embedded Device 2017 Server Profile 6.6.66 Micro Embedded Device Server Profile 6.6.67 Micro Embedded Device 2017 Server Profile 6.6.68 Embedded UA Server Profile Table 82 – Nano Embedded Device 2017 Server Profile Table 83 – Micro Embedded Device 2017 Server Profile |
| 94 | 6.6.69 Embedded 2017 UA Server Profile 6.6.70 Standard UA Server Profile 6.6.71 Standard 2017 UA Server Profile Table 84 – Embedded 2017 UA Server Profile Table 85 – Standard 2017 UA Server Profile |
| 95 | 6.6.72 Core Client Facet 6.6.73 Core 2017 Client Facet 6.6.74 Sessionless Client Facet 6.6.75 Reverse Connect Client Facet Table 86 – Core 2017 Client Facet Table 87 – Sessionless Client Facet |
| 96 | 6.6.76 Base Client Behaviour Facet 6.6.77 Discovery Client Facet 6.6.78 Subnet Discovery Client Facet Table 88 – Reverse Connect Client Facet Table 89 – Base Client Behaviour Facet Table 90 – Discovery Client Facet |
| 97 | 6.6.79 Global Discovery Client Facet 6.6.80 Global Certificate Management Client Facet 6.6.81 KeyCredential Service Client Facet 6.6.82 Access Token Request Client Facet Table 91 – Subnet Discovery Client Facet Table 92 – Global Discovery Client Facet Table 93 – Global Certificate Management Client Facet Table 94 – KeyCredential Service Client Facet |
| 98 | 6.6.83 AddressSpace Lookup Client Facet 6.6.84 Request State Change Client Facet 6.6.85 File Access Client Facet Table 95 – Access Token Request Client Facet Table 96 – AddressSpace Lookup Client Facet Table 97 – Request State Change Client Facet Table 98 – File Access Client Facet |
| 99 | 6.6.86 Entry Level Support 2015 Client Facet 6.6.87 Multi-Server Client Connection Facet 6.6.88 Documentation – Client 6.6.89 Attribute Read Client Facet Table 99 – Entry Level Support 2015 Client Facet Table 100 – Multi-Server Client Connection Facet Table 101 – Documentation – Client |
| 100 | 6.6.90 Attribute Write Client Facet 6.6.91 DataChange Subscriber Client Facet Table 102 – Attribute Read Client Facet Table 103 – Attribute Write Client Facet |
| 101 | 6.6.92 Durable Subscription Client Facet 6.6.93 DataAccess Client Facet Table 104 – DataChange Subscriber Client Facet Table 105 – Durable Subscription Client Facet |
| 102 | 6.6.94 Event Subscriber Client Facet 6.6.95 Base Event Processing Client Facet Table 106 – DataAccess Client Facet Table 107 – Event Subscriber Client Facet |
| 103 | 6.6.96 Notifier and Source Hierarchy Client Facet 6.6.97 A & C Base Condition Client Facet 6.6.98 A & C Refresh2 Client Facet Table 108 – Base Event Processing Client Facet Table 109 – Notifier and Source Hierarchy Client Facet Table 110 – A & C Base Condition Client Facet |
| 104 | 6.6.99 A & C Address Space Instance Client Facet 6.6.100 A & C Enable Client Facet 6.6.101 A & C AlarmMetrics Client Facet 6.6.102 A & C Alarm Client Facet Table 111 – A & C Refresh2 Client Facet Table 112 – A & C Address Space Instance Client Facet Table 113 – A & C Enable Client Facet Table 114 – A & C AlarmMetrics Client Facet |
| 105 | 6.6.103 A & C Exclusive Alarming Client Facet 6.6.104 A & C Non-Exclusive Alarming Client Facet Table 115 – A & C Alarm Client Facet Table 116 – A & C Exclusive Alarming Client Facet |
| 106 | 6.6.105 A & C Previous Instances Client Facet 6.6.106 A & C Dialog Client Facet 6.6.107 A & C CertificateExpiration Client Facet Table 117 – A & C Non-Exclusive Alarming Client Facet Table 118 – A & C Previous Instances Client Facet Table 119 – A & C Dialog Client Facet Table 120 – A & C CertificateExpiration Client Facet |
| 107 | 6.6.108 A & E Proxy Facet Table 121 – A & E Proxy Facet |
| 108 | 6.6.109 Method Client Facet 6.6.110 Auditing Client Facet 6.6.111 Node Management Client Facet 6.6.112 Advanced Type Programming Client Facet Table 122 – Method Client Facet Table 123 – Auditing Client Facet Table 124 – Node Management Client Facet |
| 109 | 6.6.113 User Role Management Client Facet 6.6.114 State Machine Client Facet 6.6.115 Diagnostic Client Facet Table 125 – Advanced Type Programming Client Facet Table 126 – User Role Management Client Facet Table 127 – State Machine Client Facet Table 128 – Diagnostic Client Facet |
| 110 | 6.6.116 Redundant Client Facet 6.6.117 Redundancy Switch Client Facet 6.6.118 Historical Access Client Facet 6.6.119 Historical Data AtTime Client Facet 6.6.120 Historical Aggregate Client Facet Table 129 – Redundant Client Facet Table 130 – Redundancy Switch Client Facet Table 131 – Historical Access Client Facet Table 132 – Historical Data AtTime Client Facet |
| 111 | Table 133 – Historical Aggregate Client Facet |
| 112 | 6.6.121 Historical Annotation Client Facet 6.6.122 Historical Access Modified Data Client Facet 6.6.123 Historical Data Insert Client Facet 6.6.124 Historical Data Update Client Facet 6.6.125 Historical Data Replace Client Facet Table 134 – Historical Annotation Client Facet Table 135 – Historical Access Modified Data Client Facet Table 136 – Historical Data Insert Client Facet Table 137 – Historical Data Update Client Facet |
| 113 | 6.6.126 Historical Data Delete Client Facet 6.6.127 Historical Access Client Server Timestamp Facet 6.6.128 Historical Structured Data Access Client Facet 6.6.129 Historical Structured Data AtTime Client Facet Table 138 – Historical Data Replace Client Facet Table 139 – Historical Data Delete Client Facet Table 140 – Historical Access Client Server Timestamp Facet Table 141 – Historical Structured Data Access Client Facet Table 142 – Historical Structured Data AtTime Client Facet |
| 114 | 6.6.130 Historical Structured Data Modified Client Facet 6.6.131 Historical Structured Data Insert Client Facet 6.6.132 Historical Structured Data Update Client Facet 6.6.133 Historical Structured Data Replace Client Facet 6.6.134 Historical Structured Data Delete Client Facet Table 143 – Historical Structured Data Modified Client Facet Table 144 – Historical Structured Data Insert Client Facet Table 145 – Historical Structured Data Update Client Facet Table 146 – Historical Structured Data Replace Client Facet |
| 115 | 6.6.135 Historical Events Client Facet 6.6.136 Historical Event Insert Client Facet 6.6.137 Historical Event Update Client Facet 6.6.138 Historical Event Replace Client Facet Table 147 – Historical Structured Data Delete Client Facet Table 148 – Historical Events Client Facet Table 149 – Historical Event Insert Client Facet Table 150 – Historical Event Update Client Facet Table 151 – Historical Event Replace Client Facet |
| 116 | 6.6.139 Historical Event Delete Client Facet 6.6.140 Aggregate Subscriber Client Facet Table 152 – Historical Event Delete Client Facet Table 153 – Aggregate Subscriber Client Facet |
| 117 | 6.6.141 Standard UA Client Profile 6.6.142 Standard UA Client 2017 Profile |
| 118 | 6.6.143 UA-TCP UA-SC UA-Binary 6.6.144 HTTPS UA-Binary Table 154 – Standard UA Client 2017 Profile Table 155 – UA-TCP UA-SC UA-Binary Table 156 – HTTPS UA-Binary |
| 119 | 6.6.145 HTTPS UA-XML 6.6.146 HTTPS UA-JSON 6.6.147 WSS UA-SC UA-Binary 6.6.148 WSS UA-JSON Table 157 – HTTPS UA-XML Table 158 – HTTPS UA-JSON Table 159 – WSS UA-SC UA-Binary |
| 120 | 6.6.149 Security User Access Control Full 6.6.150 Security User Access Control Base 6.6.151 Security Time Synchronization Table 160 – WSS UA-JSON Table 161 – Security User Access Control Full Table 162 – Security User Access Control Base Table 163 – Security Time Synchronization |
| 121 | 6.6.152 Best Practice – Audit Events 6.6.153 Best Practice – Alarm Handling 6.6.154 Best Practice – Random Numbers 6.6.155 Best Practice – Timeouts 6.6.156 Best Practice – Administrative Access Table 164 – Best Practice – Audit Events Table 165 – Best Practice – Alarm Handling Table 166 – Best Practice – Random Numbers Table 167 – Best Practice – Timeouts |
| 122 | 6.6.157 Best Practice – Strict Message Handling 6.6.158 Best Practice – Audit Events Client 6.6.159 TransportSecurity – TLS 1.2 6.6.160 TransportSecurity – TLS 1.2 with PFS Table 168 – Best Practice – Administrative Access Table 169 – Best Practice – Strict Message Handling Table 170 – Best Practice – Audit Events Client Table 171 – TransportSecurity – TLS 1.2 |
| 123 | 6.6.161 SecurityPolicy – None 6.6.162 SecurityPolicy – Basic128Rsa15 6.6.163 SecurityPolicy – Basic256 6.6.164 SecurityPolicy [A] – Aes128-Sha256-RsaOaep Table 172 – TransportSecurity – TLS 1.2 with PFS Table 173 – SecurityPolicy – None |
| 124 | 6.6.165 SecurityPolicy [B] – Basic256Sha256 6.6.166 SecurityPolicy – Aes256-Sha256-RsaPss Table 174 – SecurityPolicy [A] – Aes128-Sha256-RsaOaep Table 175 – SecurityPolicy [B] – Basic256Sha256 |
| 125 | 6.6.167 User Token – Anonymous Facet 6.6.168 User Token – User Name Password Server Facet 6.6.169 User Token – X509 Certificate Server Facet Table 176 – SecurityPolicy – Aes256-Sha256-RsaPss Table 177 – User Token – Anonymous Facet Table 178 – User Token – User Name Password Server Facet Table 179 – User Token – X509 Certificate Server Facet |
| 126 | 6.6.170 User Token – Issued Token Server Facet 6.6.171 User Token – Issued Token Windows Server Facet 6.6.172 User Token – JWT Server Facet 6.6.173 User Token – User Name Password Client Facet Table 180 – User Token – Issued Token Server Facet Table 181 – User Token – Issued Token Windows Server Facet Table 182 – User Token – JWT Server Facet Table 183 – User Token – User Name Password Client Facet |
| 127 | 6.6.174 User Token – X509 Certificate Client Facet 6.6.175 User Token – Issued Token Client Facet 6.6.176 User Token – Issued Token Windows Client Facet 6.6.177 User Token – JWT Client Facet 6.6.178 Global Discovery Server Profile Table 184 – User Token – X509 Certificate Client Facet Table 185 – User Token – Issued Token Client Facet Table 186 – User Token – Issued Token Windows Client Facet Table 187 – User Token – JWT Client Facet |
| 128 | 6.6.179 Global Discovery Server 2017 Profile 6.6.180 Global Discovery and Certificate Management Server 6.6.181 Global Discovery and Certificate Mgmt 2017 Server 6.6.182 Global Certificate Management Client Profile 6.6.183 Global Certificate Management Client 2017 Profile Table 188 – Global Discovery Server 2017 Profile Table 189 – Global Discovery and Certificate Mgmt 2017 Server |
| 129 | 6.6.184 Global Service Authorization Request Server Facet 6.6.185 Global Service KeyCredential Pull Facet 6.6.186 Global Service KeyCredential Push Facet Table 190 – Global Certificate Management Client 2017 Profile Table 191 – Global Service Authorization Request Server Facet Table 192 – Global Service KeyCredential Pull Facet Table 193 – Global Service KeyCredential Push Facet |
| 130 | Bibliography |
