This plugin is based on the S2OPC open source library.
OPC UA server protocol stack configuration
Connection configuration
This section provides the connection-level configuration details of an OPC UA server.
Attributes definition
Attribute | Description | Expected values | Mandatory |
---|---|---|---|
url | The server URL endpoint | “opc.tcp://:[/sub/path]” e.g. “opc.tcp://localhost:4841” | YES |
appUri | The application URI | e.g. “urn:S2OPC:localhost” | YES |
productUri | The product URI | e.g. “urn:S2OPC:localhost” | YES |
appDescription | Application description | Any non-empty string. | YES |
localeId | The default language Id. | e.g. "en-US", "fr-FR", ... | YES |
namespaces | List of namespaces URI, starting at namespace 1. Thus, the array should contain only one name. (Array is kept for portability) | e.g. for 2 users namespaces (ns=1, ns=2): [ "urn:S2OPC:localhost", "urn:S2OPC:localhost_2" ] | YES |
policies | Array of accepted policies If no security is required: | YES | |
policies.securityMode | The security mode | A string among “None”, “Sign” and “SignAndEncrypt” (case insensitive) | YES |
policies.securityPolicy | The security policy | A string among “None”, “Basic256”, “Basic256Sha256”, “Aes128Sha256RsaOaep” and “Aes256Sha256RsaPss” | YES |
policies.userPolicies | The user policy If no security is required, "Anonymous" should be used | A string among “Anonymous”, “username”, “username_None”, “username_Basic256” | YES |
users | A map of 'user':'password'. If no user-authentication is required, it can be an empty object | e.g: {"user" : "password", "user2" : "xGt4sdE3Z+" } e.g: {} | YES |
certificates | Note: all certificate files are expected to be provided in the $(FLEDGE_INSTALL)/data/etc/certs/s2opc_srv folder | NO | |
certificates.serverCertPath | The Server certificate filename (DER format) | e.g. "server_2k_cert.der" | NO |
certificates.serverKeyPath | The Server key filename (PEM format) | e.g. "server_2k_key.pem" | NO |
certificates.trusted_root | The list of trusted root certificates (DER) | e.g. [ "cacert.der" ] | NO |
certificates.trusted_intermediate | The list of trusted intermediate certificates (DER) | Same as “trusted_root” | NO |
certificates.revoked | The list of revoked certificates (DER) | Same as “trusted_root” | NO |
certificates.untrusted_root | The list of untrusted root certificates (DER) | Same as “trusted_root” | NO |
certificates.untrusted_intermediate | The list of untrusted intermediate certificates (DER) | Same as “trusted_root” | NO |
certificates.issued | The list of untrusted issued certificates (DER) | Same as “trusted_root” | NO |
Configuration JSON structure
{ "transport_layer":{ "url":"opc.tcp://localhost:4841/OPCUA/s2opc", "appUri":"urn:S2OPC:localhost", "productUri":"urn:S2OPC:localhost", "appDescription":"Application description", "localeId":"en-US", "namespaces":[ "urn:S2OPC:localhost" ], "policies":[ { "securityMode":"None", "securityPolicy":"None", "userPolicies":[ "anonymous" ] }, { "securityMode":"SignAndEncrypt", "securityPolicy":"Basic256Sha256", "userPolicies":[ "username_Basic256Sha256", "username_None" ] } ], "users":{ "user":"password", "user2":"xGt4sdE3Z+" }, "certificates":{ "serverCertPath":"server_2k_cert.der", "serverKeyPath":"server_2k_key.pem", "trusted_root":[ "cacert.der" ], "trusted_intermediate":[], "revoked":["cacrl.der"], "untrusted_root":[], "untrusted_intermediate":[], "issued":[] } } }
Endpoint configuration
This section provides the user-level configuration details of an OPC UA server, once a client-server secured connection is established.
The endpoint (see "transport_layer.url
") is an OPC UA interface and provides several means of use by a client (Browse, Read, Write, Subscribe). The following items allow any connected client to access directly all server data without required use of browsing, provided that it has knowledge of the PIVOT object it needs.
Interface specification:
- As a standard OPC UA server, all functional data are organized under the
Root.Objects
node of namespace 0 ( nodeId =i=85
). - For each PIVOT data, there is one node under
Root.Objects
with:- NodeClass =
Object
- NodeId=
ns=1;s=
<PIVOT_ID>
, with<PIVOT_ID>
as provided inexchanged_data.datapoints[].pivot_id
section configuration. - BrowseName= namespace =1, name =
<PIVOT_ID>
- DisplayName =
<PIVOT_ID>
- References:
- HasTypeDefinition:
FolderType
- HasComponent:
<...>
, one for each variable below
- HasTypeDefinition:
- NodeClass =
NodeId | BrowseName/ DisplayName | IsOrganizedBy | NodeClass | Type | Details |
---|---|---|---|---|---|
| <PIVOT_ID> |
(= "i=85") |
| N.A | |
ns=1;s= <PIVOT_ID>/Cause | Cause | ns=1;s= <PIVOT_ID> | Variable | UInt32 | |
With <PIVOT_ID>
as provided in exchanged_data.datapoints[].pivot_id
section configuration.
Requirements
The following requirements aim at providing a clear