BS EN IEC 62541-4:2020
$215.11
OPC Unified Architecture – Services
| Published By | Publication Date | Number of Pages |
| BSI | 2020 | 236 |
IEC 62541-4:2020 is available as IEC 62541-4:2020 RLV which contains the International Standard and its Redline version, showing all changes of the technical content compared to the previous edition.
IEC 62541-4:2020 defines the OPC Unified Architecture (OPC UA) Services. The Services defined are the collection of abstract Remote Procedure Calls (RPC) that are implemented by OPC UA Servers and called by OPC UA Clients. All interactions between OPC UA Clients and Servers occur via these Services. The defined Services are considered abstract because no particular RPC mechanism for implementation is defined in this document. IEC 62541-6 specifies one or more concrete mappings supported for implementation. For example, one mapping in IEC 62541-6 is to XML Web Services. In that case the Services described in this document appear as the Web service methods in the WSDL contract. Not all OPC UA Servers will need to implement all of the defined Services. IEC 62541-7 defines the Profiles that dictate which Services need to be implemented in order to be compliant with a particular Profile This third edition cancels and replaces the second edition published in 2015. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: a) Added ability to resend all data of monitored items in a Subscription using the ResendData Method. b) Added support for durable Subscriptions (lifetime of hours or days). c) Added Register2 and FindServersOnNetwork Services to support network-wide discovery using capability filters. d) Removed definition of software certificates. Will be defined in a future edition. e) Extended and partially revised the redundancy definition. Added sub-range definitions for ServiceLevel and added more terms for redundancy. f) Added a section on how to use Authorization Services to request user access tokens. g) Added JSON Web Tokens (JWTs) as a new user token. h) Added the concept of session-less service invocation. i) Added a generic structure that allows passing any number of attributes to the AddNodes Service. j) Added requirement to protect against user identity token attacks. k) Added new EncryptedSecret format for user identity tokens.
PDF Catalog
| PDF Pages | PDF Title |
|---|---|
| 2 | undefined |
| 5 | Annex ZA(normative)Normative references to international publicationswith their corresponding European publications |
| 7 | English CONTENTS |
| 18 | FOREWORD |
| 20 | 1 Scope 2 Normative references |
| 21 | 3 Terms, definitions, abbreviated terms and conventions 3.1 Terms and definitions |
| 22 | 3.2 Abbreviated terms 3.3 Conventions for Service definitions |
| 23 | Tables Table 1 โ Service definition table Table 2 โ Parameter Types defined in IEC 62541โ3 |
| 24 | 4 Overview 4.1 Service Set model Figures Figure 1 โ Discovery Service Set Figure 2 โ SecureChannel Service Set |
| 25 | Figure 3 โ Session Service Set Figure 4 โ NodeManagement Service Set Figure 5 โ View Service Set |
| 26 | Figure 6 โ Attribute Service Set Figure 7 โ Method Service Set |
| 27 | 4.2 Request/response Service procedures 5 Service Sets 5.1 General Figure 8 โ MonitoredItem and Subscription Service Sets |
| 28 | 5.2 Service request and response header 5.3 Service results |
| 29 | 5.4 Discovery Service Set 5.4.1 Overview |
| 30 | Figure 9 โ Discovery process |
| 31 | 5.4.2 FindServers |
| 32 | 5.4.3 FindServersOnNetwork Table 3 โ FindServers Service parameters |
| 33 | Table 4 โ FindServersOnNetwork Service parameters |
| 34 | 5.4.4 GetEndpoints |
| 35 | Figure 10 โ Using a Gateway Server |
| 36 | 5.4.5 RegisterServer Table 5 โ GetEndpoints Service parameters |
| 37 | Figure 11 โ The registration process โ Manually launched servers Figure 12 โ The registration process โ Automatically launched servers |
| 38 | Table 6 โ RegisterServer Service parameters Table 7 โ RegisterServer Service result codes |
| 39 | 5.4.6 RegisterServer2 Table 8 โ RegisterServer2 |
| 40 | 5.5 SecureChannel Service Set 5.5.1 Overview Table 9 โ RegisterServer2 Service result codes Table 10 โ RegisterServer2 Operation Level result codes |
| 41 | 5.5.2 OpenSecureChannel Figure 13 โ SecureChannel and Session Services |
| 43 | Table 11 โ OpenSecureChannel Service parameters |
| 45 | 5.5.3 CloseSecureChannel Table 12 โ OpenSecureChannel Service result codes |
| 46 | 5.6 Session Service Set 5.6.1 Overview 5.6.2 CreateSession Table 13 โ CloseSecureChannel Service parameters Table 14 โ CloseSecureChannel Service result codes |
| 48 | Figure 14 โ Multiplexing users on a Session |
| 49 | Table 15 โ CreateSession Service parameters |
| 51 | 5.6.3 ActivateSession Table 16 โ CreateSession Service result codes |
| 53 | Table 17 โ ActivateSession Service parameters |
| 54 | 5.6.4 CloseSession Table 18 โ ActivateSession Service result codes Table 19 โ CloseSession Service parameters |
| 55 | 5.6.5 Cancel 5.7 NodeManagement Service Set 5.7.1 Overview 5.7.2 AddNodes Table 20 โ CloseSession Service result codes Table 21 โ Cancel Service parameters |
| 56 | Table 22 โ AddNodes Service parameters |
| 57 | 5.7.3 AddReferences Table 23 โ AddNodes Service result codes Table 24 โ AddNodes Operation Level result codes |
| 58 | Table 25 โ AddReferences Service parameters Table 26 โ AddReferences Service result codes |
| 59 | 5.7.4 DeleteNodes Table 27 โ AddReferences Operation Level result codes |
| 60 | Table 28 โ DeleteNodes Service parameters Table 29 โ DeleteNodes Service result codes |
| 61 | 5.7.5 DeleteReferences Table 30 โ DeleteNodes Operation Level result codes Table 31 โ DeleteReferences Service parameters |
| 62 | 5.8 View Service Set 5.8.1 Overview 5.8.2 Browse Table 32 โ DeleteReferences Service result codes Table 33 โ DeleteReferences Operation Level result codes |
| 63 | Table 34 โ Browse Service parameters |
| 64 | Table 35 โ Browse Service result codes |
| 65 | 5.8.3 BrowseNext Table 36 โ Browse Operation Level result codes |
| 66 | Table 37 โ BrowseNext Service parameters Table 38 โ BrowseNext Service result codes |
| 67 | 5.8.4 TranslateBrowsePathsToNodeIds Table 39 โ BrowseNext Operation Level result codes |
| 68 | Table 40 โ TranslateBrowsePathsToNodeIds Service parameters Table 41 โ TranslateBrowsePathsToNodeIds Service result codes |
| 69 | 5.8.5 RegisterNodes Table 42 โ TranslateBrowsePathsToNodeIds Operation Level result codes |
| 70 | 5.8.6 UnregisterNodes Table 43 โ RegisterNodes Service parameters Table 44 โ RegisterNodes Service result codes |
| 71 | 5.9 Query Service Set 5.9.1 Overview 5.9.2 Querying Views Table 45 โ UnregisterNodes Service parameters Table 46 โ UnregisterNodes Service result codes |
| 72 | 5.9.3 QueryFirst |
| 73 | Table 47 โ QueryFirst Request parameters |
| 74 | Table 48 โ QueryFirst Response parameters |
| 75 | 5.9.4 QueryNext Table 49 โ QueryFirst Service result codes Table 50 โ QueryFirst Operation Level result codes |
| 76 | 5.10 Attribute Service Set 5.10.1 Overview Table 51 โ QueryNext Service parameters Table 52 โ QueryNext Service result codes |
| 77 | 5.10.2 Read Table 53 โ Read Service parameters |
| 78 | 5.10.3 HistoryRead Table 54 โ Read Service result codes Table 55 โ Read Operation Level result codes |
| 79 | Table 56 โ HistoryRead Service parameters |
| 81 | 5.10.4 Write Table 57 โ HistoryRead Service result codes Table 58 โ HistoryRead Operation Level result codes |
| 83 | Table 59 โ Write Service parameters |
| 84 | 5.10.5 HistoryUpdate Table 60 โ Write Service result codes Table 61 โ Write Operation Level result codes |
| 85 | Table 62 โ HistoryUpdate Service parameters Table 63 โ HistoryUpdate Service result codes |
| 86 | 5.11 Method Service Set 5.11.1 Overview 5.11.2 Call Table 64 โ HistoryUpdate Operation Level result codes |
| 87 | Table 65 โ Call Service parameters |
| 88 | Table 66 โ Call Service result codes Table 67 โ Call Operation Level result codes |
| 89 | 5.12 MonitoredItem Service Set 5.12.1 MonitoredItem model Figure 15 โ MonitoredItem model Table 68 โ Call Input Argument Result Codes |
| 91 | Figure 16 โ Typical delay in change detection |
| 92 | Figure 17 โ Queue overflow handling |
| 93 | Figure 18 โ Triggering model |
| 94 | 5.12.2 CreateMonitoredItems |
| 96 | Table 69 โ CreateMonitoredItems Service parameters |
| 97 | 5.12.3 ModifyMonitoredItems Table 70 โ CreateMonitoredItems Service result codes Table 71 โ CreateMonitoredItems Operation Level result codes |
| 98 | Table 72 โ ModifyMonitoredItems Service parameters |
| 99 | 5.12.4 SetMonitoringMode Table 73 โ ModifyMonitoredItems Service result codes Table 74 โ ModifyMonitoredItems Operation Level result codes |
| 100 | 5.12.5 SetTriggering Table 75 โ SetMonitoringMode service parameters Table 76 โ SetMonitoringMode Service result codes Table 77 โ SetMonitoringMode Operation Level result codes |
| 101 | Table 78 โ SetTriggering Service parameters Table 79 โ SetTriggering Service result codes |
| 102 | 5.12.6 DeleteMonitoredItems Table 80 โ SetTriggering Operation Level result codes Table 81 โ DeleteMonitoredItems Service parameters |
| 103 | 5.13 Subscription Service Set 5.13.1 Subscription model Table 82 โ DeleteMonitoredItems Service result codes Table 83 โ DeleteMonitoredItems Operation Level result codes |
| 106 | Table 84 โ Subscription states |
| 107 | Table 85 โ Subscription state table |
| 110 | Table 86 โ State variables and parameters |
| 111 | Table 87 โ Functions |
| 112 | 5.13.2 CreateSubscription Table 88 โ CreateSubscription Service parameters |
| 113 | 5.13.3 ModifySubscription Table 89 โ CreateSubscription Service result codes |
| 114 | Table 90 โ ModifySubscription Service parameters |
| 115 | 5.13.4 SetPublishingMode Table 91 โ ModifySubscription Service result codes Table 92 โ SetPublishingMode Service parameters Table 93 โ SetPublishingMode Service result codes |
| 116 | 5.13.5 Publish Table 94 โ SetPublishingMode Operation Level result codes |
| 117 | Table 95 โ Publish Service parameters Table 96 โ Publish Service result codes |
| 118 | 5.13.6 Republish Table 97 โ Publish Operation Level Result Codes Table 98 โ Republish Service parameters Table 99 โ Republish Service result codes |
| 119 | 5.13.7 TransferSubscriptions |
| 120 | Table 100 โ TransferSubscriptions Service parameters Table 101 โ TransferSubscriptions Service result codes |
| 121 | 5.13.8 DeleteSubscriptions Table 102 โ TransferSubscriptions Operation Level result codes Table 103 โ DeleteSubscriptions Service parameters |
| 122 | 6 Service behaviours 6.1 Security 6.1.1 Overview 6.1.2 Obtaining and installing an Application Instance Certificate Table 104 โ DeleteSubscriptions Service result codes Table 105 โ DeleteSubscriptions Operation Level result codes |
| 123 | 6.1.3 Determining if a Certificate is trusted Figure 19 โ Obtaining and installing an Application Instance Certificate |
| 124 | Table 106 โ Certificate validation steps |
| 126 | 6.1.4 Creating a SecureChannel Figure 20 โ Determining if an Application Instance Certificate is trusted |
| 127 | Figure 21 โ Establishing a SecureChannel |
| 128 | 6.1.5 Creating a Session Figure 22 โ Establishing a Session |
| 129 | 6.1.6 Impersonating a User 6.2 Authorization Services 6.2.1 Overview 6.2.2 Indirect handshake with an Identity Provider Figure 23 โ Impersonating a User |
| 130 | 6.2.3 Direct handshake with an Identity Provider Figure 24 โ Indirect handshake with an Identity Provider |
| 131 | 6.3 Session-less Service invocation 6.3.1 Description Figure 25 โ Direct handshake with an Identity Provider |
| 132 | 6.3.2 Parameters Table 107 โ SessionlessInvoke Service parameters |
| 133 | 6.3.3 Service results 6.4 Software Certificates 6.5 Auditing 6.5.1 Overview 6.5.2 General audit logs Table 108 โ SessionlessInvoke Service result codes |
| 134 | 6.5.3 General audit Events 6.5.4 Auditing for Discovery Service Set 6.5.5 Auditing for SecureChannel Service Set 6.5.6 Auditing for Session Service Set |
| 135 | 6.5.7 Auditing for NodeManagement Service Set 6.5.8 Auditing for Attribute Service Set |
| 136 | 6.5.9 Auditing for Method Service Set 6.5.10 Auditing for View, Query, MonitoredItem and Subscription Service Set 6.6 Redundancy 6.6.1 Redundancy overview |
| 137 | 6.6.2 Server Redundancy |
| 138 | Figure 26 โ Transparent Redundancy setup example |
| 139 | Figure 27 โ Non-Transparent Redundancy setup |
| 141 | Table 109 โ ServiceLevel ranges |
| 142 | Table 110 โ Server Failover modes |
| 143 | Figure 28 โ Client Start-up steps Table 111 โ Redundancy Failover actions |
| 144 | Figure 29 โ Cold Failover |
| 145 | Figure 30 โ Warm Failover |
| 146 | Figure 31 โ Hot Failover |
| 147 | Figure 32 โ HotAndMirrored Failover |
| 148 | 6.6.3 Client Redundancy 6.6.4 Network Redundancy Figure 33 โ Server proxy for Redundancy |
| 149 | Figure 34 โ Transparent network Redundancy |
| 150 | 6.6.5 Manually forcing Failover 6.7 Re-establishing connections Figure 35 โ Non-transparent network Redundancy |
| 151 | Figure 36 โ Reconnect sequence |
| 152 | 6.8 Durable Subscriptions |
| 153 | 7 Common parameter type definitions 7.1 ApplicationDescription |
| 154 | 7.2 ApplicationInstanceCertificate Table 112 โ ApplicationDescription |
| 155 | 7.3 BrowseResult Table 113 โ ApplicationInstanceCertificate Table 114 โ BrowseResult |
| 156 | 7.4 ContentFilter 7.4.1 ContentFilter structure 7.4.2 ContentFilterResult Table 115 โ ContentFilter structure Table 116 โ ContentFilterResult structure |
| 157 | 7.4.3 FilterOperator Table 117 โ ContentFilterResult result codes Table 118 โ ContentFilterResult Operand result codes Table 119 โ Basic FilterOperator definition |
| 160 | Table 120 โ Complex FilterOperator definition |
| 161 | Table 121 โ Wildcard characters |
| 162 | Table 122 โ Conversion rules |
| 163 | Table 123 โ Data Precedence rules |
| 164 | 7.4.4 FilterOperand parameters Table 124 โ Logical AND Truth table Table 125 โ Logical OR Truth table Table 126 โ FilterOperand parameter TypeIds |
| 165 | Table 127 โ ElementOperand Table 128 โ LiteralOperand Table 129 โ AttributeOperand |
| 166 | 7.5 Counter 7.6 ContinuationPoint Table 130 โ SimpleAttributeOperand |
| 167 | 7.7 DataValue 7.7.1 General 7.7.2 PicoSeconds 7.7.3 SourceTimestamp Table 131 โ DataValue |
| 168 | 7.7.4 ServerTimestamp 7.7.5 StatusCode assigned to a value |
| 169 | 7.8 DiagnosticInfo |
| 170 | 7.9 DiscoveryConfiguration parameters 7.9.1 Overview Table 132 โ DiagnosticInfo Table 133 โ DiscoveryConfiguration parameterTypeIds |
| 171 | 7.9.2 MdnsDiscoveryConfiguration 7.10 EndpointDescription Table 134 โ MdnsDiscoveryConfiguration Table 135 โ EndpointDescription |
| 172 | 7.11 ExpandedNodeId 7.12 ExtensibleParameter 7.13 Index 7.14 IntegerId Table 136 โ ExpandedNodeId Table 137 โ ExtensibleParameter base type |
| 173 | 7.15 MessageSecurityMode 7.16 MonitoringParameters Table 138 โ MessageSecurityMode values Table 139 โ MonitoringParameters |
| 174 | 7.17 MonitoringFilter parameters 7.17.1 Overview Table 140 โ MonitoringFilter parameterTypeIds |
| 175 | 7.17.2 DataChangeFilter Table 141 โ DataChangeFilter |
| 176 | 7.17.3 EventFilter |
| 177 | Table 142 โ EventFilter structure Table 143 โ EventFilterResult structure |
| 178 | 7.17.4 AggregateFilter Table 144 โ EventFilterResult result codes |
| 179 | 7.18 MonitoringMode Table 145 โ AggregateFilter structure Table 146 โ AggregateFilterResult structure |
| 180 | 7.19 NodeAttributes parameters 7.19.1 Overview Table 147 โ MonitoringMode values Table 148 โ NodeAttributes parameterTypeIds |
| 181 | 7.19.2 ObjectAttributes parameter 7.19.3 VariableAttributes parameter Table 149 โ Bit mask for specified Attributes Table 150 โ ObjectAttributes |
| 182 | 7.19.4 MethodAttributes parameter 7.19.5 ObjectTypeAttributes parameter Table 151 โ VariableAttributes Table 152 โ MethodAttributes |
| 183 | 7.19.6 VariableTypeAttributes parameter 7.19.7 ReferenceTypeAttributes parameter Table 153 โ ObjectTypeAttributes Table 154 โ VariableTypeAttributes |
| 184 | 7.19.8 DataTypeAttributes parameter 7.19.9 ViewAttributes parameter Table 155 โ ReferenceTypeAttributes Table 156 โ DataTypeAttributes |
| 185 | 7.19.10 GenericAttributes parameter 7.20 NotificationData parameters 7.20.1 Overview Table 157 โ ViewAttributes Table 158 โ GenericAttributes |
| 186 | 7.20.2 DataChangeNotification parameter 7.20.3 EventNotificationList parameter Table 159 โ NotificationData parameterTypeIds Table 160 โ DataChangeNotification |
| 187 | 7.20.4 StatusChangeNotification parameter 7.21 NotificationMessage 7.22 NumericRange Table 161 โ EventNotificationList Table 162 โ StatusChangeNotification Table 163 โ NotificationMessage |
| 188 | 7.23 QueryDataSet Table 164 โ NumericRange |
| 189 | 7.24 ReadValueId Table 165 โ QueryDataSet |
| 190 | 7.25 ReferenceDescription Table 166 โ ReadValueId |
| 191 | 7.26 RelativePath Table 167 โ ReferenceDescription Table 168 โ RelativePath |
| 192 | 7.27 RegisteredServer 7.28 RequestHeader Table 169 โ RegisteredServer |
| 193 | Table 170 โ RequestHeader |
| 194 | 7.29 ResponseHeader 7.30 ServiceFault Table 171 โ ResponseHeader |
| 195 | 7.31 SessionAuthenticationToken Figure 37 โ Logical layers of a Server Table 172 โ ServiceFault |
| 196 | 7.32 SignatureData 7.33 SignedSoftwareCertificate Figure 38 โ Obtaining a SessionAuthenticationToken Table 173 โ SignatureData |
| 197 | 7.34 StatusCode 7.34.1 General Table 174 โ SignedSoftwareCertificate |
| 198 | Table 175 โ StatusCode bit assignments |
| 199 | 7.34.2 Common StatusCodes Table 176 โ DataValue InfoBits |
| 200 | Table 177 โ Common Service result codes |
| 202 | Table 178 โ Common Operation Level result codes |
| 203 | 7.35 TimestampsToReturn 7.36 UserIdentityToken parameters 7.36.1 Overview Table 179 โ TimestampsToReturn values |
| 204 | 7.36.2 Token Encryption and Proof of Possession Table 180 โ UserIdentityToken parameterTypeIds |
| 205 | Figure 39 โ EncryptedSecret layout Table 181 โ Legacy UserIdentityToken Encrypted Token Secret Format |
| 207 | Table 182 โ EncryptedSecret layout Table 183 โ EncryptedSecret DataTypes |
| 208 | 7.36.3 AnonymousIdentityToken 7.36.4 UserNameIdentityToken Table 184 โ RsaEncryptedSecret structure Table 185 โ AnonymousIdentityToken |
| 209 | Table 186 โ UserNameIdentityToken Table 187 โ EncryptionAlgorithm selection |
| 210 | 7.36.5 X509IdentityTokens 7.36.6 IssuedIdentityToken Table 188 โ X.509 v3 Identity Token |
| 211 | 7.37 UserTokenPolicy Table 189 โ IssuedIdentityToken Table 190 โ UserTokenPolicy |
| 212 | 7.38 VersionTime 7.39 ViewDescription Table 191 โ ViewDescription |
| 213 | Annex A (informative) BNF definitions A.1 Overview over BNF A.2 BNF of RelativePath Table A.1 โ RelativePath |
| 214 | A.3 BNF of NumericRange Table A.2 โ RelativePath Examples |
| 215 | Annex B (informative) ContentFilter and Query examples B.1 Simple ContentFilter examples B.1.1 Overview B.1.2 Example 1 Figure B.1 โ Filter logic tree example |
| 216 | B.1.3 Example 2 Figure B.2 โ Filter logic tree example Table B.1 โ ContentFilter example Table B.2 โ ContentFilter example |
| 217 | B.2 Complex examples of Query filters B.2.1 Overview B.2.2 Used type model |
| 219 | Figure B.3 โ Example Type Nodes |
| 220 | B.2.3 Example Notes Figure B.4 โ Example Instance Nodes |
| 221 | B.2.4 Example 1 Figure B.5 โ Example 1 Filter Table B.3 โ Example 1 NodeTypeDescription Table B.4 โ Example 1 ContentFilter |
| 222 | B.2.5 Example 2 Table B.5 โ Example 1 QueryDataSets Table B.6 โ Example 2 NodeTypeDescription |
| 223 | B.2.6 Example 3 Figure B.6 โ Example 2 Filter logic tree Table B.7 โ Example 2 ContentFilter Table B.8 โ Example 2 QueryDataSets |
| 224 | Figure B.7 โ Example 3 Filter logic tree Table B.9 โ Example 3 NodeTypeDescription |
| 225 | Table B.10 โ Example 3 ContentFilter |
| 226 | B.2.7 Example 4 Figure B.8 โ Example 4 Filter logic tree Table B.11 โ Example 3 QueryDataSets Table B.12 โ Example 4 NodeTypeDescription |
| 227 | B.2.8 Example 5 Figure B.9 โ Example 5 Filter logic tree Table B.13 โ Example 4 ContentFilter Table B.14 โ Example 4 QueryDataSets Table B.15 โ Example 5 NodeTypeDescription |
| 228 | B.2.9 Example 6 Table B.16 โ Example 5 ContentFilter Table B.17 โ Example 5 QueryDataSets Table B.18 โ Example 6 NodeTypeDescription |
| 229 | Figure B.10 โ Example 6 Filter logic tree Table B.19 โ Example 6 ContentFilter Table B.20 โ Example 6 QueryDataSets |
| 230 | B.2.10 Example 7 Table B.21 โ Example 6 QueryDataSets without additional information Table B.22 โ Example 7 NodeTypeDescription |
| 231 | Figure B.11 โ Example 7 Filter logic tree Table B.23 โ Example 7 ContentFilter Table B.24 โ Example 7 QueryDataSets |
| 232 | B.2.11 Example 8 Figure B.12 โ Example 8 Filter logic tree Table B.25 โ Example 8 NodeTypeDescription Table B.26 โ Example 8 ContentFilter |
| 233 | B.2.12 Example 9 Figure B.13 โ Example 9 Filter logic tree Table B.27 โ Example 8 QueryDataSets Table B.28 โ Example 9 NodeTypeDescription |
| 234 | Table B.29 โ Example 9 ContentFilter Table B.30 โ Example 9 QueryDataSets |
