i4connected Knowledgebase 5.6

The OPC UA Adapter

Abstract

Check out this article and learn everything that you need to know about the OPC UA Adapter and how to configure it in i4connected.

The OPC UA adapter is a machine to machine communication protocol for industrial automation.

The OPC UA adapter connection

While configuring the OPC UA Device the user is required to add a set of the OPC UA specific settings.

OPC_settings.jpg

The OPC UA device settings

By clicking the Select OPC UA adapter name field, the Select OPC UA server panel is opened. In this view, all the already configured OPC UA adapters are listed, allowing the user to choose the one to be used. Additionally, the user can click the Add toolbar button to start configuring a new OPC UA server.

OPC_UA_server_panel.jpg

The OPC UA server panel

The Add OPC UA server panel features the following settings:

OPC_adapter.jpg

The Add OPC UA adapter panel

  • Name - specifies the name of the OPC UA server that will be displayed in the OPC UA Device properties, as well.

  • Description - the user-friendly description of the OPC UA adapter.

  • Discover endpoint url - allows the user to define the network location URL. As soon as a valid endpoint is inserted here, the user can view the list of all available endpoints, by clicking the Select OPC UA endpoint selector.

    opc_ua_endpoint.jpg

    The Select OPC UA endpoint panel

  • Endpoint url - specifies the network location that the OPC UA client application uses to find and connect to the OPC UA server.

  • Security mode - specifies the authentication method. By selecting an OPC UA endpoint, the Security mode field is populated with the appropriate method. Otherwise, the following options are selectable from the drop-down list:

    security_mode.jpg

    The Add OPC UA Security mode panel

    • Invalid

    • None

    • Sign

    • SignAndEncrypt

  • Security policy uri - specifies the security policy of the OPC UA adapter. By selecting an OPC UA endpoint, the Security policy uri field is populated with the appropriate policy. Otherwise, the following options are selectable from the drop-down list:

    security_policy_uri.jpg

    The Add OPC UA Security policy uri panel

    • None

    • Basic256Sha256

    • Basic256

    • Basic128Rsa15

    • Aes128_Sha256_RsaOaep

    • Aes256_Sha256_RsaPss

    • Https

  • User token type - the type of the user identity token required. The user can select the desired value from a drop-down list with the following options:

    • Anonymous - the connection does not require login. However, please note that this is an unsecured connection.

    • Username - the connection requires a login via username and password.

  • Auto accept untrusted certificates - specifies whether untrusted certificates should be accepted or rejected.

  • Subject name - specifies the name of the trusted OPC UA client certificate. This field is prefilled by the system, but can also be manually updated.

  • Session name - the name of the OPC UA client session.

  • Select owner - the name of the Adapter owner.

    IoT_owner.jpg

    Adapter owner selector

    By clicking on the owner selector, the Select Users panel is opened allowing the user to choose the Adapter's owner.

    List_of_users.jpg

    Select Users panel

  • Trace Level - trace levels determine which events the trace provider generates. The user can select the desired trace level from a drop-down list where the following predefined value is available: Trace, Debug, Info, Warn, Error, Fatal, and Off.

  • Enabled / Disabled toggle button - if the setting is turned on, the Adapter is enabled and functional.

The toolbar of the OPC UA panel allows the user to access 2 additional lists:

  • Trusted certificates - the list of the certificates can be accessed by clicking the Trusted toolbar button. In the OPC UA trusted certificates panel, all the currently available i4connected Client and/or Server certificates are displayed. In this view, the user can manage the listed certificates by removing them, or setting them to Trusted/ Rejected.

    trusted_certificates.jpg
  • Issuers - can be accessed by clicking the Issuer toolbar button. In the OPC UA Issuer certificates panel, all the currently available Issuer certificates are displayed. In this view, the user can manage the lister issuer certificates by removing them, or setting them to Trusted/Rejected.

    issuer.png

    Note

    It may be the case that the Issuer certificates list is empty. In this case, your system administrator will need to manually create the issuer folder and populate it with the desired certificates, on the i4connected server, under the folder "pki\OPC UA Adapter".

While opening the OPC UA adapter in Edit mode, the user can click on the Restart button which runs in the system background, triggering an audit event. After clicking on the button, the adapter is restarted, and a toggle message will be displayed, indicating that the "Adapter restarted successfully".

edit_OPC.jpg
OPC UA Subscriptions

The OPC UA Subscriptions are used to report notifications to the i4connected client by exposing a set of so-called monitored items assigned to them by the client.

The OPC UA Subscriptions panel can be accessed by clicking the Subscription selector in the Add/Edit device panel.

add_opc_subscription.jpg

The Add/Edit OPC UA subscriptions panel

In this view, all the available Subscriptions are listed, allowing the user to view, edit and delete them. The user can add a new Subscription, by clicking the Add button.

The Add OPC UA Subscriptions, provide the user with the following options:

opc_ua_subscription.jpg

The Add OPC UA subscription panel

  • Name - the name of the new OPC UA subscription.

  • Publishing interval - defines the cyclic rate at which the Subscriptions are executed, measured in milliseconds.

  • Lifetime count - counts the number of consecutive publishing cycles where no publish requests are available to be sent to a publish response for that subscription, measured in milliseconds.

  • Keep alive count - sets the number of consecutive publishing cycles, in which there have been no notifications to report to the client.

  • Max notifications per publish - specifies the maximum number of notifications that are allowed to be processed through a publishing cycle.

  • Priority - sets the priority of the notifications queued by the subscription. The notification with the highest priority will be processed first (the bigger the number, the higher the priority). In the case of subscriptions with the same priority, the server will dequeue publish requests in a round-robin fashion.