- By Jim Redman
- IIoT Insight
Exchanging data between Industrial Internet of Things (IIoT) devices and the cloud presents a bewildering array of options. Cloud providers (Amazon Web Services, Microsoft Azure, Google IO, and many others) each advocate their own technique for IIoT data interchange. But operational technology (OT) applications have a very long life, and, in the fast-moving world of cloud IT, some solutions are likely to be orphaned. IIoT “standards” such as MQTT, AMQP, REST, and Kafka compete to serve as pipelines to move data across the network. At the same time, custom OT implementations from IIoT/edge/cloud software and hardware vendors can cause “vendor lock,” limiting your choices and flexibility. The answer is OPC UA.
OPC UA makes using the cloud easy and safe. You already know OPC and can create secure, robust cloud and IIoT applications. Moving application data to the cloud lets you do your job better while saving costs and lowering security risks. A vendor-independent, widely implemented standard ensures long-term support and protects your investment in a rapidly changing cloud environment.
OPC UA is a collection of specifications. The primary specification, and by far the most widely implemented and recognized, is the Data Access specification. Others gaining industry support include the Historical Data Access (OPC HDA) specification, which extends the OPC server to include reading and writing historical data, as well as real-time transfers.
A recent addition to the OPC specifications is the “publish-subscribe” model. It provides features similar to the Data Access model, with somewhat better performance and lower overhead, which further enhances the benefits of OPC UA in the cloud.
OT data security
OPC has always been targeted at automation data—a continuous stream of values that we need to share between applications to populate user interfaces and trends and from which we need to extract alarms and anomalies. OPC reflects the reality of the OT environment. Each tag or data point has descriptive metadata including valuable text descriptions of the point, units, ranges, and locations. Critical for good OT data management are a quality indicator and the time stamp of the actual reading—not the time it was uploaded. As obvious and vital as all these requirements are for OT data, many widely adopted protocols and custom cloud/IIoT solutions do not include these essential aspects.
Security is always a priority whenever data is passed across a network. OPC UA security is based on state-of-the-art IT best practices, but you do not have to understand the intricacies to deliver a secure solution. Security is an integral part of the standard and is part of all OPC UA clients and servers.
OT professionals, with reasonable care and understanding, can ensure a secure OPC system end-to-end—indeed, if you have already installed and configured any OPC UA solution you know the procedure.
OPC UA, like legacy OPC, supports subscriptions and on-data-change notifications. Clients can subscribe to the server and receive notification of tags that have changed in real time. This service has been enhanced so that on-data-change notifications are queued at the server. If there is a short network outage, the server will maintain the notifications for the client and deliver them in order when the client can receive them.
Another addition to the standard is the “HistoryRead” service. Clients can request data starting from a particular date and time, allowing data notifications that were missed during a more major network issue to be retrieved once the network connection is reestablished.
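The two recovery paths described above can be modelled in a few lines. This is an added example, not code from the article or from any OPC UA stack: `ModelServer`, `resync` and `run_outage` are hypothetical names, the readings are constructed, and the model assumes the server's notification queue is bounded, so a long outage overflows it and the client must backfill with a history read from its last source timestamp.

```python
from collections import deque
from dataclasses import dataclass

@dataclass(frozen=True)
class DataValue:
    value: float
    source_ts: int  # time of the actual reading (seconds), not the upload time

class ModelServer:
    """Toy stand-in for a server: a historian plus a bounded notification queue."""
    def __init__(self, queue_size):
        self.history = []                      # every value the server has sampled
        self.queue = deque(maxlen=queue_size)  # pending notifications, oldest dropped when full
        self.overflowed = False

    def sample(self, dv):
        self.history.append(dv)
        if len(self.queue) == self.queue.maxlen:
            self.overflowed = True             # the append below discards a notification
        self.queue.append(dv)

    def publish(self):
        # Deliver queued notifications in order and report whether any were dropped.
        batch, lost = list(self.queue), self.overflowed
        self.queue.clear()
        self.overflowed = False
        return batch, lost

    def history_read(self, start_ts):
        # Stored values whose source timestamp is strictly after start_ts.
        return [dv for dv in self.history if dv.source_ts > start_ts]

def resync(server, received):
    """Client side: drain the queue, falling back to history if the queue overflowed."""
    last_ts = received[-1].source_ts if received else -1
    batch, lost = server.publish()
    if lost:
        batch = server.history_read(last_ts)   # backfill from the last value we hold
    # Keep only values newer than what we hold, so a replay cannot duplicate data.
    received += [dv for dv in batch if dv.source_ts > last_ts]
    return lost

def run_outage(queue_size, outage_samples):
    server, received = ModelServer(queue_size), []
    server.sample(DataValue(20.0, 0))
    resync(server, received)                   # normal delivery before the outage
    for t in range(1, outage_samples + 1):     # constructed readings taken while offline
        server.sample(DataValue(20.0 + t, t))
    used_history = resync(server, received)
    return used_history, [dv.source_ts for dv in received]
```

`run_outage(5, 3)` recovers from the queue alone, while `run_outage(5, 12)` overflows the queue and recovers the full series through the history read.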
A version of this article first appeared in AUTOMATION 2021 Vol.1, IIoT & Industry 4.0, from Automation.com.