Adding an OPC UA server as a device to Security Center - Industrial IoT 5.0.1.1 | BACnet | Modbus | OPC Client | SNMP Manager

Industrial IoT Plugin Guide 5.0.1.1

Applies to
Industrial IoT 5.0.1.1 | BACnet | Modbus | OPC Client | SNMP Manager
Last updated
2023-02-09
Content type
Guides > Plugin and extension guides
Language
English
Product
Industrial IoT
Version
5.0

For the Industrial IoT plugin role to monitor and control devices using the Open Platform Communications (OPC) technology, the OPC UA server must be added to Security Center as an Industrial IoT device.

Before you begin

  • Make sure you understand how OPC Unified Architecture works.
  • Turn on the OPC Client switch on the Industrial IoT plugin role's Protocol page.
  • If you want to use the data point browser, you must install your devices and make sure they work properly. However, this is not a prerequisite for configuring your system.

What you should know

Open Platform Communications (OPC) is a client-server technology. The OPC UA server receives data from all devices using the OPC standard. The Industrial IoT plugin role acts as an OPC UA client on behalf of Security Center. By connecting to the OPC UA server, the plugin role receives data and state information from the OPC devices.

Procedure

  1. From the Config Tool home page, open the Plugins task.
  2. Select the Industrial IoT plugin role from the entity browser.
  3. Click the Devices tab and click Add a device ().
    The Add a device dialog box opens.
    The initial state of the 'Add a device' dialog box before any info is entered.
  4. Enter the following information:
    Name
    A unique name used to identify this device in your system.
    Type
    (Optional) The device type to apply as a model for this device. Device types define the common properties, such as protocol, states, data points, and actions, shared by a group of devices. Using a device type simplifies your configuration work. Device types are defined in the Device types page of the Industrial IoT plugin role.
    NOTE: If you select None, you must manually configure all properties for the device in Security Center. If this is your first device, you can complete its configuration and create the device type from it.
    Protocol
    Select OPC Client.
    The dialog box expands to show the servers list.
  5. Under the Servers list, click .
    The dialog box expands to show the rest of the fields and a New server is added to the servers list.
    Dialog box for adding an OPC device.
  6. In the bottom section of the dialog box, enter the following:
    Server name
    The name of the server on which the OPC UA server resides.
    Server endpoint
    The address of the server. The URL format is opc.tcp://<host>:<port>/, where <host> is the hostname or IP address, and <port> is the TCP port used by the plugin and OPC UA server to communicate.
    The values you entered are displayed in the Servers list.
  7. If you have a second server assigned to the OPC UA server, click and enter the name and endpoint of the second server.
    The Operation mode field is added to the dialog box.
  8. If applicable, click Operation mode and select how you want the two servers to work together.
    The two servers must have the same topology and be perfectly in sync for this option to work. Choose one of the following:
    Failover
    (Default mode) The plugin connects to both servers but only listens to the active one (indicated with a green LED in the device's Properties page). If the active server goes down, the plugin switches to the other server. While the plugin is switching servers, some data changes might be lost.
    Redundancy
    The plugin listens to both servers but only reacts to one of them, because they both report the same data changes. However, if the two servers fall out of sync, the plugin might process these events twice.
    Tip: Recommendation: Choose the failover mode if you favor consistency over reliance. Choose the redundancy mode if you favor reliance over consistency.
  9. Select a server in the Servers list and click Discover > Start.
    The OPC server discovery dialog box opens and lists all available connection methods for that server.
    'Add device' dialog box showing two servers assigned to the OPC device.
  10. Select the connection method you want to use for that server and click Select.
    The rest of the fields are filled in automatically for you. You can also enter these fields manually.
    'Add device' dialog box showing two servers assigned to the OPC device.
    Message security
    The security type for messages sent from the OPC UA server. Choose one of the following:
    None
    No security is applied.
    Sign
    Messages are signed but not encrypted.
    Sign and encrypt
    Messages are signed and encrypted.
    Security policy
    Select the algorithm for how messages from the OPC UA server are signed and encrypted.
    Scheme
    Select the authentication scheme that is required for OPC Client to connect to the OPC UA server. Choose one of the following:
    Anonymous
    No authentication required to connect.
    Username and password
    Connect to the OPC UA server using credentials. Enter your username and password.

    When you select this authentication scheme, the Allow unsecured credentials option would also be available. Select this option to allow user credentials to be sent through unsecured channels.

    Certificate
    Choose to connect to the OPC UA server using a certificate. If messages sent from the OPC UA server are signed or signed and encrypted, you must trust the OPC UA server certificate.
  11. If you have a second server, select its connection method as well.
  12. Click Add.
    The device is added to the list of devices.
  13. Click Apply.

Results

The device is displayed in the entity browser under the Industrial IoT plugin.