EN 
DE Introduction to the open data exchange standard OPC UA (scalable for embedded systems)
Author: Günther Trautzl, Euros-Embedded
Contribution – Embedded Software Engineering Congress 2015
Customer requirements are leading to standardization according to Industry 4.0.
We live in a highly dynamic world where complex technology remains in the background and simply has to function, but with the expectation of comprehensive and error-free communication. Today, anyone can exchange information of any kind (voice, music, images, videos, fitness data, etc.) with anyone else using stationary or mobile devices, instantly, from almost anywhere in the world, without technical knowledge, without interruptions, and at minimal cost.
This expectation extends to modern industry: everything must be simple and work flawlessly at all times! While all products are becoming increasingly complex, they are expected to be available instantly and without waiting. Customers desire a customized product with a wide variety of options, but with the highest quality standards and constantly decreasing costs. Furthermore, there is the premise of "zero-engineering": the customer is no longer willing to spend money on product improvements; they simply expect it.
In other words, demanding customers are paying less but have ever-increasing expectations for efficient and highly flexible production. Automation technology faces extremely high demands: performance, self-optimization, condition monitoring, and secure and flexible communication with standardized interfaces all need to be rethought. Further requirements include so-called "plug and produce" functionality (meaning that what's familiar from PCs with USB interfaces should also work in production) and tracking and tracing (knowing the location and condition of products at any time and in any location) – fundamental prerequisites for consistent data management.
The communication requirements affect both the vertical and horizontal levels. Vertically, this means we are operating within the same functional level, i.e., from sensor to sensor, from controller to controller, from machine to machine, from production facility to production facility. Horizontally, this means the sensor must communicate directly with the controller or machine, all the way up to the MES (Manufacturing Execution System) or the ERP (Enterprise Resource Planning System). The classic structure of the so-called automation pyramid is rather cumbersome in this context and should be broken down because, for example, if management (i.e., the MES level) wants to specifically query information from a single sensor, the data has to be passed from level to level, which is usually incompatible with the requirement for rapid access.
These requirements lead to an information model that is independent of operating systems and programming languages, thus requiring an open communication standard. Furthermore, the data must be transmitted reliably, validly (authenticated), and securely (encrypted) /1/.
The concept of Industry 4.0 can be seen as a manifestation of the Internet of Things (IoT). A key goal of the IoT was to automate the data flow gap between real-world devices and higher-level software systems (collectively known as ERP) in order to create a reliable, near real-time representation of reality in the software systems and their data repositories /7/.
Since the OPC Foundation's vision from the outset was to create interoperability between devices and systems, a corresponding communication mechanism was developed, called the OPC UA Stack (Fig. 1)., PDF).
Several joint documents from the leading industry associations BITKOM, VDMA, and ZVEI summarize the requirements for Industry 4.0. The paper "Implementation Strategy Industry 4.0, Final Report of the Industry 4.0 Platform" recommends the OPC UA data exchange standard for implementing a communication layer. /3/.
What is OPC UA?
OPC UA stands for Open Connectivity Unified Architecture and is the standardized, platform-independent data exchange method for automation technology. Data is collected and transported in its original form, and a wide variety of devices, systems, and applications are converted to a uniform, standardized format /2/.
The first standards were published in 1996 by the OPC Foundation in the USA to consolidate and standardize the diverse proprietary protocols of various PLC manufacturers. The definition of OPC UA was developed between 2003 and 2006 and became IEC 62541 between 2010 and 2012. OPC UA is the logical evolution of the classic OPC specification and introduces numerous operational improvements, including communication between distributed systems, platform independence, security, and data structures.
OPC UA has become very widespread due to its relatively simple abstraction of data structures and is therefore very well suited as a standard for communication in industry. The OPC Foundation, a US-based non-profit organization, currently has over 450 members, of which approximately 50 are now located in Europe.
Collaboration with various organizations and domain experts
OPC UA conceptually possesses both built-in information models and a general meta-model, which can be extended by so-called companion information models to suit specific domains. The standard data models available in OPC UA can be extended application-specifically and in collaboration with various existing standards. (Fig. 2), PDF), /4/, /5/.
Today, there is a very large group of users who have defined OPC UA as a standard. Examples include PLCopen, ADI, FDI, FDT, BACnet, MDIS, ISA95, AutomationML, MTConnect, VDW, IEC61850/61400, ODVA/Sercos, and others (Fig. 3)., PDF).
Application example: Interoperability in the AutoID environment
As an example of a successful companion document, the collaboration between AIM-D (the industry association of auto-ID companies) and the OPC Foundation can be mentioned. The starting point was the lack of standardization and the customers' desire for interoperability in the field of automatic identification systems, i.e., barcodes, 2D codes, optical systems (ORM), RFID, RTLS, and NFC (Fig. 4)., PDF).
In the System Integration working group, a companion standard of more than 50 pages was developed and presented through close and very cooperative collaboration between the companies Siemens, Harting, Balluff, Turck, Pepperl + Fuchs, Logopak, Panmobil, Ascolab, Ubisense, Assion, Fraunhofer IIS, ICS AG and EUROS Embedded.
The basic interface for the AutoID information model uses two different communication mechanisms. The first method involves an OPC UA client initiating the scan; the second method is triggered by the AutoID device when a readable tag or code is detected.
In Fig. 5 (see PDFThe specific types of different AutoID devices and their associated event types are presented in an overview. These define the semantics for the method parameters and event fields typical of AutoID devices.
The release candidate was completed for the Hannover Messe 2015, and the first working systems capable of communicating via the OPC UA interface were demonstrated on a panel. (Read RFID tag, industrial controller modifies the data, RFID tag is written with new data, RFID reader reads the modified tag).
This specification is currently undergoing rigorous testing in the so-called prototyping phase. The aim is to make this specification available as a final release at the Hannover Messe 2016 /6/.
The newly established working group on sensor networking, also located at AIM-D, is working on a communication standard with OPC UA as the interface to higher-level systems (i.e., MES, ERP, PLC) and IO-Link as the interface to the sensors. The focus is not on the details of the sensors themselves, but rather on creating a framework as a descriptive structure based on the data model of AutoID devices.
Application in the real IoT world: scalable OPC UA stack
The original focus of OPC UA was to enable high-performance computers and computer networks to communicate with each other. However, the real world is different. With the convergence of the Internet of Things, traditional computers communicate with small and even micro-devices; the smaller (and less powerful) IoT devices from the embedded world (such as sensors or RFID readers) are usually not as resource-rich, often lacking an operating system altogether or possessing only a rudimentary task scheduler. For a cross-platform industrial solution, a combination of a consistently scalable real-time operating system (such as EUROS) paired with a scalable OPC UA stack is urgently needed to enable a unified software solution for all devices.
The OPC UA stack should be scalable according to performance class, as proposed by the OPC Foundation. The following application-specific performance profiles were defined for this purpose: "Nano," "Micro," "Embedded," and "Standard." These profiles can be automatically generated using the universal Eclipse-based cross-development environment (Euros Embedded Studio) (Fig. 6)., PDF).
Starting with memory mapping and selecting the connection to the target system, the user can configure both the operating system and the scope of the OPC UA stack and test it directly on the target platform. A wizard-guided configurator facilitates rapid and error-free implementation, including automatic generation of board support packages, operating system configuration, network protocol selection, and configuration of OPC UA stack functionality, including security mechanisms for encryption and authentication.
Application: Free test environment of the scalable OPC UA stack on a Java Virtual Machine
A freely available virtual environment was created for interested developers (Fig. 7, PDF), in order to familiarize oneself with the scalable OPC UA stack and to conduct initial investigations. A virtual machine (VM) running under the EUROS operating system, representing the target system, is running on the PC. EUROS also runs on the virtual machine, extended by a standard OPC UA stack (server). This then communicates with the OPC UA client /8/, which is also running on the PC.
Enhanced security concepts are necessary for OPC UA.
Data security plays a crucial role in an OPC UA communication model. Traditionally, the freely available security solution OpenSSL is used to implement an OPC UA stack. Its encryption method is similar to classic IT procedures and uses a pseudo-number generator. However, according to current knowledge (e.g., the German Federal Office for Information Security (BSI), its minimum standard for the use of the SSL protocol), the key used no longer offers the modern protection required for industrial applications. There have already been reports of vulnerabilities that allow for successful manipulation.
A recently available solution eliminates this shortcoming by using a hardware-implemented random number generator for key generation. This ensures reliable and secure data exchange. The encryption method used offers virtually 100% IT security. Currently, no comparable protection for the transmission of industrial data is known on the market.
Based on a security microcontroller, real physical processes are used to generate random numbers, namely the thermal noise of a resistor. This forms the basis for generating extremely secure keys using a symmetric encryption method.
The implemented random number generator (PTG.3) belongs to the strongest functional class and performs internal statistical uniform distribution of the generated, arbitrarily long sequences of random numbers. Further requirements for PTG.3 class random number generators include the implementation of internal statistical controls and continuous monitoring of the digitized noise signal. Keys generated using a PTG.3 random number generator are statistically unassailable, which is crucial for their security.
The calculated entropy of the implemented random number generator is greater than 7.997 bits/byte, where entropy in this case refers to the average information density of a message. Communication with the real-time operating system EUROS is possible either via the USB interface at 921 kbit/s or via the serial interface at 115.2 kbit/s.
The safety module could be installed on an area of 5 cm².2 It can be built on a circuit board; for existing systems, this electronics can be compressed to the size of a USB stick. The encrypted connection setup using this highly secure solution was measured to be approximately ten times faster on average compared to the traditional asymmetric OPC UA OpenSSL.
The performance was first demonstrated „live“ at SPS Drives 2015 in conjunction with an OPC UA stack (Fig. 8, PDFA development board with a Renesas Cortex A9 processor™ was extended with a board containing a security microcontroller and additional sensors to also demonstrate OPC UA. This solution is also available as a starter kit /9/.
Summary
OPC UA is the international standard for secure, reliable, and vendor- and platform-independent data exchange. Thanks to semantic interoperability, cross-system data exchange between products from different manufacturers enables both vertical and horizontal networking, making it a fundamental element of Industry 4.0.
This presentation will highlight the advantages of OPC UA as an international standard for interoperability in the Internet of Things (IoT) and Industry 4.0, with examples from the world of automation, AutoID and embedded systems.
List of illustrations
Fig. 1: Interoperability concept of OPC UA
Fig. 2: The modular structure of OPC UA allows the integration of expert knowledge
Fig. 3: Collaboration of the OPC Foundation with user groups and associations
Fig. 4: Interoperability in the AutoID environment
Fig. 5: Overview of the different AutoID devices and semantics
Fig. 6: Configuration of the customized OPC UA stack with an Eclipse-based cross-development environment
Fig. 7: OPC UA in a scalable embedded environment
Fig. 8: EUROSsecurity OPC UA starter kit
Bibliography and list of sources
/1/ Interoperability from sensor to MES/ERP/IT/Cloud, presentation by U. Steinkrauss, Ascolab GmbH
/2/ Matrikon Whitepaper: „The Role of OPC Unified Architecture in Industry 4.0“
/3/ Bitkom, VDMA, ZVEI, „Implementation Strategy Industry 4.0“, Final Report of the Platform Industry 4.0, April 15.
/4/ OPC Day Paris 2015, presentation slides (host: Microsoft)
/5/ OPC Day Esslingen, 2014, Presentation slides (Host: Festo)
/6/ OPC Unified Architecture for AutoID, Companion Specification Release Candidate, (Request via AIM Deutschland eV).
/7/ Industry 4.0 and the „Real World“, Ident, Journal for Automatic Data Acquisition and Identification, Issue 4/15
/8/ Test environment of the scalable OPC UA stack, via the EUROS-Embedded website
/9/ EUROSsecurity OPC UA Starter Kit, datasheet, available on the EUROS Embedded website
System and hardware development – our training & coaching
Do you want to bring yourself up to date with the latest technology?
Then find out more here MircoConsult offers training courses/seminars/workshops and individual coaching on the topic of Internet of Things/system and hardware development.
Training & coaching on the other topics in our portfolio can be found here. here.
Systems and Hardware Engineering – Expertise
Valuable expertise in the field of Internet of Things/system and hardware development is available. here Available for you to download free of charge.
You can find expertise on other topics in our portfolio here. here.
