OPC-UA Offers Security for Remote-Site Applications

Aug. 1, 2014
The lack of consensus on communications standards continues to be a very real obstacle for endeavors like the Internet of Things and Industry 4.0.

“The technology is there,” observes Robert Trask, PE and senior systems architect at Beckhoff Automation LLC headquartered in Savage, Minn. “The huge missing component is having standardized data protocols.”

Use of industry standard protocols allows a network to support devices and applications from a variety of vendors. Standard protocols also secure the network and remote application in a time-tested and proven manner.

Trask and his colleagues at Beckhoff advocate adopting the OPC-UA standard because it contains what they consider to be the necessary components: built-in security, a reliable protocol, and independence from a particular vendor or operating system. “Also, there are several low-level, chip-level implementations that only require 15 kBytes of memory on the remote end,” adds Trask.

OPC-UA gives industry the tools to put remote nodes under a facility’s security umbrella and to avoid the common pitfall of leaving them vulnerable to hackers. One of these tools is a stack of standard code containing built-in security. “As a result, the developer does not have to become a security expert,” notes Trask.

The standard uses two security mechanisms, certificates and public keys. Smart phones secure e-mail by synchronizing the certificates at each end, and HTTP Secure (HTTPS) relies on a public key. “Public keys need to be renewed periodically, which is automatically done by the OPC-UA security mechanism,” says Trask.

Other benefits of an open standard like OPC-UA are what Trask calls future proofing and communication neutrality. “For the hyper-connected systems of the future, you really need openness,” he says.

To view our complete coverage on leaping into the mobility movement, click here.

Companies in this Article