IEC 62541-4:2020
(Main)OPC Unified Architecture - Part 4: Services
OPC Unified Architecture - Part 4: Services
IEC 62541-4:2020 defines the OPC Unified Architecture (OPC UA) Services. The Services defined are the collection of abstract Remote Procedure Calls (RPC) that are implemented by OPC UA Servers and called by OPC UA Clients. All interactions between OPC UA Clients and Servers occur via these Services. The defined Services are considered abstract because no particular RPC mechanism for implementation is defined in this document. IEC 62541-6 specifies one or more concrete mappings supported for implementation. For example, one mapping in IEC 62541-6 is to XML Web Services. In that case the Services described in this document appear as the Web service methods in the WSDL contract. Not all OPC UA Servers will need to implement all of the defined Services. IEC 62541-7 defines the Profiles that dictate which Services need to be implemented in order to be compliant with a particular Profile This third edition cancels and replaces the second edition published in 2015. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition:
a) Added ability to resend all data of monitored items in a Subscription using the ResendData Method.
b) Added support for durable Subscriptions (lifetime of hours or days).
c) Added Register2 and FindServersOnNetwork Services to support network-wide discovery using capability filters.
d) Removed definition of software certificates. Will be defined in a future edition.
e) Extended and partially revised the redundancy definition. Added sub-range definitions for ServiceLevel and added more terms for redundancy.
f) Added a section on how to use Authorization Services to request user access tokens.
g) Added JSON Web Tokens (JWTs) as a new user token.
h) Added the concept of session-less service invocation.
i) Added a generic structure that allows passing any number of attributes to the AddNodes Service.
j) Added requirement to protect against user identity token attacks.
k) Added new EncryptedSecret format for user identity tokens.
Architecture Unifiée OPC - Partie 4: Services
L'IEC 62541-4:2020 définit le modèle de communication Services de l'architecture unifiée OPC (OPC UA). Les Services définis sont le recueil d'appels de procédures abstraites distantes (RPC, Remote Procedure Call) qui sont mises en œuvre par les Serveurs OPC UA et qui sont appelées par les Clients OPC UA. Toutes les interactions entre Clients et Serveurs OPC UA ont lieu via ces Services. Les Services définis sont dits abstraits, car aucun mécanisme RPC particulier n'est spécifié dans le présent document pour leur mise en œuvre. L'IEC 62541-6 spécifie un ou plusieurs mécanismes concrets de mapping pour la mise en œuvre. Par exemple, dans l'IEC 62541-6, l'un des mécanismes de mapping repose sur l'utilisation des Services Web XML. Dans ce cas, les Services décrits dans le présent document apparaissent comme les méthodes de services Web dans le contrat WSDL. Il n'est pas nécessaire que l'ensemble des Serveurs OPC UA mettent en œuvre toutes les correspondances avec les messages et les protocoles de transport. L'IEC 62541-7 définit les Profils qui dictent les Services qu'il est nécessaire de mettre en œuvre afin d'être conforme à un Profil particulier. Cette troisième édition annule et remplace la deuxième édition parue en 2015. Cette édition constitue une révision technique. Cette édition inclut les modifications techniques majeures suivantes par rapport à l'édition précédente:
a) ajout de la capacité à renvoyer toutes les données des éléments surveillés dans un abonnement à l'aide de la méthode ResendData;
b) ajout de la prise en charge pour les abonnements durables (durée de vie en heures ou en jours);
c) ajout des services Register2 et FindServersOnNetwork pour prendre en charge le mécanisme de découverte sur l'ensemble du réseau à l'aide de filtres de capacités;
d) suppression de la définition des certificats de logiciel (seront définis dans une édition ultérieure);
e) enrichissement et révision partielle de la définition de la redondance; ajout de définitions des sous plages pour ServiceLevel et ajout de termes supplémentaires pour la redondance;
f) ajout d'un paragraphe expliquant comment utiliser les Services d'autorisation pour demander des jetons d'accès utilisateur;
g) ajout des jetons JSON Web (JWT) comme nouveau jeton d'utilisateur;
h) ajout du concept d'invocation de service sans session;
i) ajout d'une structure générique permettant de transmettre n'importe quel nombre d'attributs dans le service AddNotes;
j) ajout d'une exigence relative à la protection contre les attaques de jeton d'identité utilisateur;
k) ajout du nouveau format EncryptedSecret pour les jetons d'identité utilisateur.
General Information
Relations
Standards Content (Sample)
IEC 62541-4 ®
Edition 3.0 2020-07
REDLINE VERSION
INTERNATIONAL
STANDARD
colour
inside
OPC unified architecture –
Part 4: Services
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.
IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.
About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.
IEC publications search - webstore.iec.ch/advsearchform Electropedia - www.electropedia.org
The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary
(IEV) online.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - std.iec.ch/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and Definitions clause of
IEC publications issued since 2002. Some entries have been
IEC Customer Service Centre - webstore.iec.ch/csc collected from earlier publications of IEC TC 37, 77, 86 and
If you wish to give us your feedback on this publication or CISPR.
need further assistance, please contact the Customer Service
Centre: sales@iec.ch.
IEC 62541-4 ®
Edition 3.0 2020-07
REDLINE VERSION
INTERNATIONAL
STANDARD
colour
inside
OPC unified architecture –
Part 4: Services
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 25.040.40; 35.100.05 ISBN 978-2-8322-8664-7
– 2 – IEC 62541-4:2020 RLV © IEC 2020
CONTENTS
FOREWORD . 13
1 Scope . 16
2 Normative references . 16
3 Terms, definitions, abbreviated terms and conventions . 17
3.1 Terms and definitions . 17
3.2 Abbreviated terms . 18
3.3 Conventions for Service definitions . 18
4 Overview . 20
4.1 Service Set model . 20
4.2 Request/response Service procedures . 23
5 Service Sets . 23
5.1 General . 23
5.2 Service request and response header . 24
5.3 Service results . 24
5.4 Discovery Service Set . 25
5.4.1 Overview . 25
5.4.2 FindServers . 27
5.4.3 FindServersOnNetwork . 28
5.4.4 GetEndpoints . 30
5.4.5 RegisterServer . 32
5.4.6 RegisterServer2 . 36
5.5 SecureChannel Service Set . 38
5.5.1 Overview . 38
5.5.2 OpenSecureChannel. 39
5.5.3 CloseSecureChannel . 43
5.6 Session Service Set . 44
5.6.1 Overview . 44
5.6.2 CreateSession . 44
5.6.3 ActivateSession . 49
5.6.4 CloseSession . 52
5.6.5 Cancel . 53
5.7 NodeManagement Service Set . 54
5.7.1 Overview . 54
5.7.2 AddNodes . 54
5.7.3 AddReferences . 56
5.7.4 DeleteNodes . 57
5.7.5 DeleteReferences . 59
5.8 View Service Set . 60
5.8.1 Overview . 60
5.8.2 Browse . 60
5.8.3 BrowseNext . 63
5.8.4 TranslateBrowsePathsToNodeIds . 65
5.8.5 RegisterNodes . 67
5.8.6 UnregisterNodes . 68
5.9 Query Service Set . 69
5.9.1 Overview . 69
5.9.2 Querying Views . 69
5.9.3 QueryFirst . 70
5.9.4 QueryNext . 73
5.10 Attribute Service Set . 74
5.10.1 Overview . 74
5.10.2 Read . 75
5.10.3 HistoryRead . 76
5.10.4 Write. 79
5.10.5 HistoryUpdate . 82
5.11 Method Service Set . 84
5.11.1 Overview . 84
5.11.2 Call . 84
5.12 MonitoredItem Service Set . 87
5.12.1 MonitoredItem model . 87
5.12.2 CreateMonitoredItems . 93
5.12.3 ModifyMonitoredItems . 95
5.12.4 SetMonitoringMode . 97
5.12.5 SetTriggering . 98
5.12.6 DeleteMonitoredItems . 100
5.13 Subscription Service Set . 101
5.13.1 Subscription model . 101
5.13.2 CreateSubscription . 110
5.13.3 ModifySubscription . 111
5.13.4 SetPublishingMode . 113
5.13.5 Publish . 114
5.13.6 Republish . 116
5.13.7 TransferSubscriptions . 117
5.13.8 DeleteSubscriptions . 119
6 Service behaviours . 120
6.1 Security . 120
6.1.1 Overview . 120
6.1.2 Obtaining and installing an Application Instance Certificate . 120
6.1.3 Determining if a Certificate is trusted . 121
6.1.4 Creating a SecureChannel . 124
6.1.5 Creating a Session . 126
6.1.6 Impersonating a User . 127
6.2 Authorization Services . 127
6.2.1 Overview . 127
6.2.2 Indirect handshake with an Identity Provider . 128
6.2.3 Direct handshake with an Identity Provider . 128
6.3 Session-less Service invocation . 129
6.3.1 Description . 129
6.3.2 Parameters . 130
6.3.3 Service results . 131
6.4 Software Certificates . 131
6.5 Auditing . 133
6.5.1 Overview . 133
6.5.2 General audit logs . 133
6.5.3 General audit Events . 133
– 4 – IEC 62541-4:2020 RLV © IEC 2020
6.5.4 Auditing for Discovery Service Set . 134
6.5.5 Auditing for SecureChannel Service Set . 134
6.5.6 Auditing for Session Service Set . 134
6.5.7 Auditing for NodeManagement Service Set . 135
6.5.8 Auditing for Attribute Service Set . 135
6.5.9 Auditing for Method Service Set . 135
6.5.10 Auditing for View, Query, MonitoredItem and Subscription Service Set . 136
6.6 Redundancy . 136
6.6.1 Redundancy overview . 141
6.6.2 Server Redundancy . 141
6.6.3 Client Redundancy . 153
6.6.4 Network Redundancy . 153
6.6.5 Manually forcing Failover . 155
6.7 Re-establishing connections . 155
6.8 Durable Subscriptions . 157
7 Common parameter type definitions . 158
7.1 ApplicationDescription . 158
7.2 ApplicationInstanceCertificate . 159
7.3 BrowseResult . 160
7.4 ContentFilter . 161
7.4.1 ContentFilter structure . 161
7.4.2 ContentFilterResult . 161
7.4.3 FilterOperator . 162
7.4.4 FilterOperand parameters . 169
7.5 Counter . 171
7.6 ContinuationPoint . 171
7.7 DataValue . 172
7.7.1 General . 172
7.7.2 PicoSeconds. 172
7.7.3 SourceTimestamp . 173
7.7.4 ServerTimestamp . 173
7.7.5 StatusCode assigned to a value. 174
7.8 DiagnosticInfo . 174
7.9 DiscoveryConfiguration parameters . 175
7.9.1 Overview . 175
7.9.2 MdnsDiscoveryConfiguration . 176
7.10 EndpointDescription . 176
7.11 ExpandedNodeId . 177
7.12 ExtensibleParameter . 177
7.13 Index . 177
7.14 IntegerId . 178
7.15 MessageSecurityMode . 178
7.16 MonitoringParameters . 178
7.17 MonitoringFilter parameters . 179
7.17.1 Overview . 179
7.17.2 DataChangeFilter . 180
7.17.3 EventFilter . 181
7.17.4 AggregateFilter . 183
7.18 MonitoringMode . 184
7.19 NodeAttributes parameters . 185
7.19.1 Overview . 185
7.19.2 ObjectAttributes parameter . 186
7.19.3 VariableAttributes parameter . 186
7.19.4 MethodAttributes parameter . 187
7.19.5 ObjectTypeAttributes parameter . 187
7.19.6 VariableTypeAttributes parameter . 188
7.19.7 ReferenceTypeAttributes parameter . 188
7.19.8 DataTypeAttributes parameter . 189
7.19.9 ViewAttributes parameter . 189
7.19.10 GenericAttributes parameter . 190
7.20 NotificationData parameters . 190
7.20.1 Overview . 190
7.20.2 DataChangeNotification parameter . 191
7.20.3 EventNotificationList parameter . 191
7.20.4 StatusChangeNotification parameter . 192
7.21 NotificationMessage . 192
7.22 NumericRange . 192
7.23 QueryDataSet . 193
7.24 ReadValueId . 194
7.25 ReferenceDescription. 195
7.26 RelativePath . 196
7.27 RegisteredServer . 197
7.28 RequestHeader . 197
7.29 ResponseHeader . 199
7.30 ServiceFault . 199
7.31 SessionAuthenticationToken . 200
7.32 SignatureData . 201
7.33 SignedSoftwareCertificate . 202
7.34 StatusCode . 203
7.34.1 General . 203
7.34.2 Common StatusCodes . 205
7.35 TimestampsToReturn . 209
7.36 UserIdentityToken parameters . 209
7.36.1 Overview . 209
7.36.2 Token Encryption and Proof of Possession . 210
7.36.3 AnonymousIdentityToken . 214
7.36.4 UserNameIdentityToken . 214
7.36.5 X509IdentityTokens . 216
7.36.6 IssuedIdentityToken. 216
7.37 UserTokenPolicy . 217
7.38 VersionTime. 218
7.39 ViewDescription . 218
Annex A (informative) BNF definitions . 220
A.1 Overview over BNF . 220
A.2 BNF of RelativePath . 220
A.3 BNF of NumericRange . 221
Annex B (informative) ContentFilter and Query examples . 222
B.1 Simple ContentFilter examples . 222
– 6 – IEC 62541-4:2020 RLV © IEC 2020
B.1.1 Overview . 222
B.1.2 Example 1 . 222
B.1.3 Example 2 . 223
B.2 Complex examples of Query filters . 224
B.2.1 Overview . 224
B.2.2 Used type model . 224
B.2.3 Example Notes . 227
B.2.4 Example 1 . 228
B.2.5 Example 2 . 229
B.2.6 Example 3 . 230
B.2.7 Example 4 . 233
B.2.8 Example 5 . 234
B.2.9 Example 6 . 235
B.2.10 Example 7 . 237
B.2.11 Example 8 . 239
B.2.12 Example 9 . 241
Figure 1 – Discovery Service Set . 20
Figure 2 – SecureChannel Service Set. 20
Figure 3 – Session Service Set . 21
Figure 4 – NodeManagement Service Set . 21
Figure 5 – View Service Set . 21
Figure 6 – Attribute Service Set . 22
Figure 7 – Method Service Set . 22
Figure 8 – MonitoredItem and Subscription Service Sets . 23
Figure 9 – Discovery process . 26
Figure 10 – Using a Gateway Server . 31
Figure 11 – The registration process – Manually launched servers . 33
Figure 12 – The registration process – Automatically launched servers . 33
Figure 13 – SecureChannel and Session Services . 39
Figure 14 – Multiplexing users on a Session . 46
Figure 15 – MonitoredItem model . 88
Figure 16 – Typical delay in change detection . 90
Figure 17 – Queue overflow handling . 91
Figure 18 – Triggering model . 92
Figure 19 – Obtaining and installing an Application Instance Certificate . 121
Figure 20 – Determining if an Application Instance Certificate is trusted . 124
Figure 21 – Establishing a SecureChannel . 125
Figure 22 – Establishing a Session . 126
Figure 23 – Impersonating a User . 127
Figure 24 – Indirect handshake with an Identity Provider . 128
Figure 25 – Direct handshake with an Identity Provider . 129
Figure 26 – Transparent Redundancy setup example . 143
Figure 27 – Non-Transparent Redundancy setup . 144
Figure 28 – Client Start-up steps . 148
Figure 29 – Cold Failover . 149
Figure 30 – Warm Failover . 150
Figure 31 – Hot Failover . 151
Figure 32 – HotAndMirrored Failover . 152
Figure 33 – Server proxy for Redundancy . 153
Figure 34 – Transparent network Redundancy . 154
Figure 35 – Non-transparent network Redundancy . 155
Figure 36 – Reconnect sequence . 156
Figure 37 – Logical layers of a Server . 200
Figure 38 – Obtaining a SessionAuthenticationToken . 201
Figure 39 – EncryptedSecret layout . 211
Figure B.1 – Filter logic tree example . 222
Figure B.2 – Filter logic tree example . 223
Figure B.3 – Example Type Nodes . 226
Figure B.4 – Example Instance Nodes . 227
Figure B.5 – Example 1 Filter . 228
Figure B.6 – Example 2 Filter logic tree . 230
Figure B.7 – Example 3 Filter logic tree . 231
Figure B.8 – Example 4 Filter logic tree . 233
Figure B.9 – Example 5 Filter logic tree . 235
Figure B.10 – Example 6 Filter logic tree . 236
Figure B.11 – Example 7 Filter logic tree . 238
Figure B.12 – Example 8 Filter logic tree . 240
Figure B.13 – Example 9 Filter logic tree . 241
Table 1 – Service definition table . 19
Table 2 – Parameter Types defined in IEC 62541‑3 . 19
Table 3 – FindServers Service parameters . 28
Table 4 – FindServersOnNetwork Service parameters . 29
Table 5 – GetEndpoints Service parameters . 32
Table 6 – RegisterServer Service parameters . 35
Table 7 – RegisterServer Service result codes . 36
Table 8 – RegisterServer2 . 37
Table 9 – RegisterServer2 Service result codes . 37
Table 10 – RegisterServer2 Operation Level result codes . 37
Table 11 – OpenSecureChannel Service parameters . 41
Table 12 – OpenSecureChannel Service result codes . 43
Table 13 – CloseSecureChannel Service parameters . 44
Table 14 – CloseSecureChannel Service result codes . 44
Table 15 – CreateSession Service parameters . 47
Table 16 – CreateSession Service result codes . 49
Table 17 – ActivateSession Service parameters . 51
Table 18 – ActivateSession Service result codes . 52
– 8 – IEC 62541-4:2020 RLV © IEC 2020
Table 19 – CloseSession Service parameters . 53
Table 20 – CloseSession Service result codes . 53
Table 21 – Cancel Service parameters. 53
Table 22 – AddNodes Service parameters . 54
Table 23 – AddNodes Service result codes . 55
Table 24 – AddNodes Operation Level result codes . 55
Table 25 – AddReferences Service parameters . 56
Table 26 – AddReferences Service result codes . 57
Table 27 – AddReferences Operation Level result codes . 57
Table 28 – DeleteNodes Service parameters . 58
Table 29 – DeleteNodes Service result codes . 58
Table 30 – DeleteNodes Operation Level result codes . 59
Table 31 – DeleteReferences Service parameters . 59
Table 32 – DeleteReferences Service result codes . 60
Table 33 – DeleteReferences Operation Level result codes . 60
Table 34 – Browse Service parameters . 61
Table 35 – Browse Service result codes . 62
Table 36 – Browse Operation Level result codes . 63
Table 37 – BrowseNext Service parameters . 64
Table 38 – BrowseNext Service result codes . 64
Table 39 – BrowseNext Operation Level result codes . 65
Table 40 – TranslateBrowsePathsToNodeIds Service parameters . 66
Table 41 – TranslateBrowsePathsToNodeIds Service result codes . 66
Table 42 – TranslateBrowsePathsToNodeIds Operation Level result codes . 67
Table 43 – RegisterNodes Service parameters . 68
Table 44 – RegisterNodes Service result codes . 68
Table 45 – UnregisterNodes Service parameters . 69
Table 46 – UnregisterNodes Service result codes . 69
Table 47 – QueryFirst Request parameters . 71
Table 48 – QueryFirst Response parameters . 72
Table 49 – QueryFirst Service result codes . 73
Table 50 – QueryFirst Operation Level result codes . 73
Table 51 – QueryNext Service parameters . 74
Table 52 – QueryNext Service result codes . 74
Table 53 – Read Service parameters . 75
Table 54 – Read Service result codes . 76
Table 55 – Read Operation Level result codes . 76
Table 56 – HistoryRead Service parameters . 77
Table 57 – HistoryRead Service result codes . 79
Table 58 – HistoryRead Operation Level result codes . 79
Table 59 – Write Service parameters . 81
Table 60 – Write Service result codes . 82
Table 61 – Write Operation Level result codes . 82
Table 62 – HistoryUpdate Service parameters . 83
Table 63 – HistoryUpdate Service result codes . 83
Table 64 – HistoryUpdate Operation Level result codes . 84
Table 65 – Call Service parameters . 85
Table 66 – Call Service result codes . 86
Table 67 – Call Operation Level result codes . 87
Table 68 – Call Input Argument Result Codes . 87
Table 69 – CreateMonitoredItems Service parameters . 94
Table 70 – CreateMonitoredItems Service result codes . 95
Table 71 – CreateMonitoredItems Operation Level result codes . 95
Table 72 – ModifyMonitoredItems Service parameters . 96
Table 73 – ModifyMonitoredItems Service result codes . 97
Table 74 – ModifyMonitoredItems Operation Level result codes . 97
Table 75 – SetMonitoringMode service parameters . 98
Table 76 – SetMonitoringMode Service result codes . 98
Table 77 – SetMonitoringMode Operation Level result codes . 98
Table 78 – SetTriggering Service parameters . 99
Table 79 – SetTriggering Service result codes . 99
Table 80 – SetTriggering Operation Level result codes . 100
Table 81 – DeleteMonitoredItems Service parameters . 100
Table 82 – DeleteMonitor
...
IEC 62541-4 ®
Edition 3.0 2020-07
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
OPC unified architecture –
Part 4: Services
Architecture unifiée OPC –
Partie 4: Services
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.
Droits de reproduction réservés. Sauf indication contraire, aucune partie de cette publication ne peut être reproduite
ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie
et les microfilms, sans l'accord écrit de l'IEC ou du Comité national de l'IEC du pays du demandeur. Si vous avez des
questions sur le copyright de l'IEC ou si vous désirez obtenir des droits supplémentaires sur cette publication, utilisez
les coordonnées ci-après ou contactez le Comité national de l'IEC de votre pays de résidence.
IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.
About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.
IEC publications search - webstore.iec.ch/advsearchform Electropedia - www.electropedia.org
The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary
(IEV) online.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - std.iec.ch/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and Definitions clause of
IEC publications issued since 2002. Some entries have been
IEC Customer Service Centre - webstore.iec.ch/csc collected from earlier publications of IEC TC 37, 77, 86 and
If you wish to give us your feedback on this publication or CISPR.
need further assistance, please contact the Customer Service
Centre: sales@iec.ch.
A propos de l'IEC
La Commission Electrotechnique Internationale (IEC) est la première organisation mondiale qui élabore et publie des
Normes internationales pour tout ce qui a trait à l'électricité, à l'électronique et aux technologies apparentées.
A propos des publications IEC
Le contenu technique des publications IEC est constamment revu. Veuillez vous assurer que vous possédez l’édition la
plus récente, un corrigendum ou amendement peut avoir été publié.
Recherche de publications IEC - Electropedia - www.electropedia.org
webstore.iec.ch/advsearchform Le premier dictionnaire d'électrotechnologie en ligne au
La recherche avancée permet de trouver des publications IEC monde, avec plus de 22 000 articles terminologiques en
en utilisant différents critères (numéro de référence, texte, anglais et en français, ainsi que les termes équivalents dans
comité d’études,…). Elle donne aussi des informations sur les 16 langues additionnelles. Egalement appelé Vocabulaire
projets et les publications remplacées ou retirées. Electrotechnique International (IEV) en ligne.
IEC Just Published - webstore.iec.ch/justpublished Glossaire IEC - std.iec.ch/glossary
Restez informé sur les nouvelles publications IEC. Just 67 000 entrées terminologiques électrotechniques, en anglais
Published détaille les nouvelles publications parues. et en français, extraites des articles Termes et Définitions des
Disponible en ligne et une fois par mois par email. publications IEC parues depuis 2002. Plus certaines entrées
antérieures extraites des publications des CE 37, 77, 86 et
Service Clients - webstore.iec.ch/csc CISPR de l'IEC.
Si vous désirez nous donner des commentaires sur cette
publication ou si vous avez des questions contactez-nous:
sales@iec.ch.
IEC 62541-4 ®
Edition 3.0 2020-07
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
OPC unified architecture –
Part 4: Services
Architecture unifiée OPC –
Partie 4: Services
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 25.040.40; 35.100.05 ISBN 978-2-8322-8589-3
– 2 – IEC 62541-4:2020 © IEC 2020
CONTENTS
FOREWORD . 13
1 Scope . 15
2 Normative references . 15
3 Terms, definitions, abbreviated terms and conventions . 16
3.1 Terms and definitions . 16
3.2 Abbreviated terms . 17
3.3 Conventions for Service definitions . 17
4 Overview . 19
4.1 Service Set model . 19
4.2 Request/response Service procedures . 22
5 Service Sets . 22
5.1 General . 22
5.2 Service request and response header . 23
5.3 Service results . 23
5.4 Discovery Service Set . 24
5.4.1 Overview . 24
5.4.2 FindServers . 26
5.4.3 FindServersOnNetwork . 27
5.4.4 GetEndpoints . 29
5.4.5 RegisterServer . 31
5.4.6 RegisterServer2 . 34
5.5 SecureChannel Service Set . 35
5.5.1 Overview . 35
5.5.2 OpenSecureChannel. 36
5.5.3 CloseSecureChannel . 40
5.6 Session Service Set . 41
5.6.1 Overview . 41
5.6.2 CreateSession . 41
5.6.3 ActivateSession . 46
5.6.4 CloseSession . 49
5.6.5 Cancel . 50
5.7 NodeManagement Service Set . 50
5.7.1 Overview . 50
5.7.2 AddNodes . 50
5.7.3 AddReferences . 52
5.7.4 DeleteNodes . 54
5.7.5 DeleteReferences . 56
5.8 View Service Set . 57
5.8.1 Overview . 57
5.8.2 Browse . 57
5.8.3 BrowseNext . 60
5.8.4 TranslateBrowsePathsToNodeIds . 62
5.8.5 RegisterNodes . 64
5.8.6 UnregisterNodes . 65
5.9 Query Service Set . 66
5.9.1 Overview . 66
5.9.2 Querying Views . 66
5.9.3 QueryFirst . 67
5.9.4 QueryNext . 70
5.10 Attribute Service Set . 71
5.10.1 Overview . 71
5.10.2 Read . 72
5.10.3 HistoryRead . 73
5.10.4 Write. 76
5.10.5 HistoryUpdate . 79
5.11 Method Service Set . 81
5.11.1 Overview . 81
5.11.2 Call . 81
5.12 MonitoredItem Service Set . 84
5.12.1 MonitoredItem model . 84
5.12.2 CreateMonitoredItems . 89
5.12.3 ModifyMonitoredItems . 92
5.12.4 SetMonitoringMode . 94
5.12.5 SetTriggering . 95
5.12.6 DeleteMonitoredItems . 97
5.13 Subscription Service Set . 98
5.13.1 Subscription model . 98
5.13.2 CreateSubscription . 107
5.13.3 ModifySubscription . 108
5.13.4 SetPublishingMode . 110
5.13.5 Publish . 111
5.13.6 Republish . 113
5.13.7 TransferSubscriptions . 114
5.13.8 DeleteSubscriptions . 116
6 Service behaviours . 117
6.1 Security . 117
6.1.1 Overview . 117
6.1.2 Obtaining and installing an Application Instance Certificate . 117
6.1.3 Determining if a Certificate is trusted . 118
6.1.4 Creating a SecureChannel . 121
6.1.5 Creating a Session . 123
6.1.6 Impersonating a User . 124
6.2 Authorization Services . 124
6.2.1 Overview . 124
6.2.2 Indirect handshake with an Identity Provider . 124
6.2.3 Direct handshake with an Identity Provider . 125
6.3 Session-less Service invocation . 126
6.3.1 Description . 126
6.3.2 Parameters . 127
6.3.3 Service results . 128
6.4 Software Certificates . 128
6.5 Auditing . 128
6.5.1 Overview . 128
6.5.2 General audit logs . 128
6.5.3 General audit Events . 129
– 4 – IEC 62541-4:2020 © IEC 2020
6.5.4 Auditing for Discovery Service Set . 129
6.5.5 Auditing for SecureChannel Service Set . 129
6.5.6 Auditing for Session Service Set . 129
6.5.7 Auditing for NodeManagement Service Set . 130
6.5.8 Auditing for Attribute Service Set . 130
6.5.9 Auditing for Method Service Set . 131
6.5.10 Auditing for View, Query, MonitoredItem and Subscription Service Set . 131
6.6 Redundancy . 131
6.6.1 Redundancy overview . 131
6.6.2 Server Redundancy . 132
6.6.3 Client Redundancy . 143
6.6.4 Network Redundancy . 143
6.6.5 Manually forcing Failover . 145
6.7 Re-establishing connections . 145
6.8 Durable Subscriptions . 147
7 Common parameter type definitions . 148
7.1 ApplicationDescription . 148
7.2 ApplicationInstanceCertificate . 149
7.3 BrowseResult . 150
7.4 ContentFilter . 151
7.4.1 ContentFilter structure . 151
7.4.2 ContentFilterResult . 151
7.4.3 FilterOperator . 152
7.4.4 FilterOperand parameters . 159
7.5 Counter . 161
7.6 ContinuationPoint . 161
7.7 DataValue . 162
7.7.1 General . 162
7.7.2 PicoSeconds. 162
7.7.3 SourceTimestamp . 162
7.7.4 ServerTimestamp . 163
7.7.5 StatusCode assigned to a value. 163
7.8 DiagnosticInfo . 164
7.9 DiscoveryConfiguration parameters . 165
7.9.1 Overview . 165
7.9.2 MdnsDiscoveryConfiguration . 166
7.10 EndpointDescription . 166
7.11 ExpandedNodeId . 167
7.12 ExtensibleParameter . 167
7.13 Index . 167
7.14 IntegerId . 167
7.15 MessageSecurityMode . 168
7.16 MonitoringParameters . 168
7.17 MonitoringFilter parameters . 169
7.17.1 Overview . 169
7.17.2 DataChangeFilter . 170
7.17.3 EventFilter . 171
7.17.4 AggregateFilter . 173
7.18 MonitoringMode . 174
7.19 NodeAttributes parameters . 175
7.19.1 Overview . 175
7.19.2 ObjectAttributes parameter . 176
7.19.3 VariableAttributes parameter . 176
7.19.4 MethodAttributes parameter . 177
7.19.5 ObjectTypeAttributes parameter . 177
7.19.6 VariableTypeAttributes parameter . 178
7.19.7 ReferenceTypeAttributes parameter . 178
7.19.8 DataTypeAttributes parameter . 179
7.19.9 ViewAttributes parameter . 179
7.19.10 GenericAttributes parameter . 180
7.20 NotificationData parameters . 180
7.20.1 Overview . 180
7.20.2 DataChangeNotification parameter . 181
7.20.3 EventNotificationList parameter . 181
7.20.4 StatusChangeNotification parameter . 182
7.21 NotificationMessage . 182
7.22 NumericRange . 182
7.23 QueryDataSet . 183
7.24 ReadValueId . 184
7.25 ReferenceDescription. 185
7.26 RelativePath . 186
7.27 RegisteredServer . 187
7.28 RequestHeader . 187
7.29 ResponseHeader . 189
7.30 ServiceFault . 189
7.31 SessionAuthenticationToken . 190
7.32 SignatureData . 191
7.33 SignedSoftwareCertificate . 191
7.34 StatusCode . 192
7.34.1 General . 192
7.34.2 Common StatusCodes . 194
7.35 TimestampsToReturn . 198
7.36 UserIdentityToken parameters . 198
7.36.1 Overview . 198
7.36.2 Token Encryption and Proof of Possession . 199
7.36.3 AnonymousIdentityToken . 203
7.36.4 UserNameIdentityToken . 203
7.36.5 X509IdentityTokens . 205
7.36.6 IssuedIdentityToken. 205
7.37 UserTokenPolicy . 206
7.38 VersionTime. 207
7.39 ViewDescription . 207
Annex A (informative) BNF definitions . 208
A.1 Overview over BNF . 208
A.2 BNF of RelativePath . 208
A.3 BNF of NumericRange . 209
Annex B (informative) ContentFilter and Query examples . 210
B.1 Simple ContentFilter examples . 210
– 6 – IEC 62541-4:2020 © IEC 2020
B.1.1 Overview . 210
B.1.2 Example 1 . 210
B.1.3 Example 2 . 211
B.2 Complex examples of Query filters . 212
B.2.1 Overview . 212
B.2.2 Used type model . 212
B.2.3 Example Notes . 215
B.2.4 Example 1 . 216
B.2.5 Example 2 . 217
B.2.6 Example 3 . 218
B.2.7 Example 4 . 221
B.2.8 Example 5 . 222
B.2.9 Example 6 . 223
B.2.10 Example 7 . 225
B.2.11 Example 8 . 227
B.2.12 Example 9 . 228
Figure 1 – Discovery Service Set . 19
Figure 2 – SecureChannel Service Set. 19
Figure 3 – Session Service Set . 20
Figure 4 – NodeManagement Service Set . 20
Figure 5 – View Service Set . 20
Figure 6 – Attribute Service Set . 21
Figure 7 – Method Service Set . 21
Figure 8 – MonitoredItem and Subscription Service Sets . 22
Figure 9 – Discovery process . 25
Figure 10 – Using a Gateway Server . 30
Figure 11 – The registration process – Manually launched servers . 32
Figure 12 – The registration process – Automatically launched servers . 32
Figure 13 – SecureChannel and Session Services . 36
Figure 14 – Multiplexing users on a Session . 43
Figure 15 – MonitoredItem model . 84
Figure 16 – Typical delay in change detection . 86
Figure 17 – Queue overflow handling . 87
Figure 18 – Triggering model . 88
Figure 19 – Obtaining and installing an Application Instance Certificate . 118
Figure 20 – Determining if an Application Instance Certificate is trusted . 121
Figure 21 – Establishing a SecureChannel . 122
Figure 22 – Establishing a Session . 123
Figure 23 – Impersonating a User . 124
Figure 24 – Indirect handshake with an Identity Provider . 125
Figure 25 – Direct handshake with an Identity Provider . 126
Figure 26 – Transparent Redundancy setup example . 133
Figure 27 – Non-Transparent Redundancy setup . 134
Figure 28 – Client Start-up steps . 138
Figure 29 – Cold Failover . 139
Figure 30 – Warm Failover . 140
Figure 31 – Hot Failover . 141
Figure 32 – HotAndMirrored Failover . 142
Figure 33 – Server proxy for Redundancy . 143
Figure 34 – Transparent network Redundancy . 144
Figure 35 – Non-transparent network Redundancy . 145
Figure 36 – Reconnect sequence . 146
Figure 37 – Logical layers of a Server . 190
Figure 38 – Obtaining a SessionAuthenticationToken . 191
Figure 39 – EncryptedSecret layout . 200
Figure B.1 – Filter logic tree example . 210
Figure B.2 – Filter logic tree example . 211
Figure B.3 – Example Type Nodes . 214
Figure B.4 – Example Instance Nodes . 215
Figure B.5 – Example 1 Filter . 216
Figure B.6 – Example 2 Filter logic tree . 218
Figure B.7 – Example 3 Filter logic tree . 219
Figure B.8 – Example 4 Filter logic tree . 221
Figure B.9 – Example 5 Filter logic tree . 222
Figure B.10 – Example 6 Filter logic tree . 224
Figure B.11 – Example 7 Filter logic tree . 226
Figure B.12 – Example 8 Filter logic tree . 227
Figure B.13 – Example 9 Filter logic tree . 228
Table 1 – Service definition table . 18
Table 2 – Parameter Types defined in IEC 62541-3 . 18
Table 3 – FindServers Service parameters . 27
Table 4 – FindServersOnNetwork Service parameters . 28
Table 5 – GetEndpoints Service parameters . 31
Table 6 – RegisterServer Service parameters . 33
Table 7 – RegisterServer Service result codes . 33
Table 8 – RegisterServer2 . 34
Table 9 – RegisterServer2 Service result codes . 35
Table 10 – RegisterServer2 Operation Level result codes . 35
Table 11 – OpenSecureChannel Service parameters . 38
Table 12 – OpenSecureChannel Service result codes . 40
Table 13 – CloseSecureChannel Service parameters . 41
Table 14 – CloseSecureChannel Service result codes . 41
Table 15 – CreateSession Service parameters . 44
Table 16 – CreateSession Service result codes . 46
Table 17 – ActivateSession Service parameters . 48
Table 18 – ActivateSession Service result codes . 49
– 8 – IEC 62541-4:2020 © IEC 2020
Table 19 – CloseSession Service parameters . 49
Table 20 – CloseSession Service result codes . 50
Table 21 – Cancel Service parameters. 50
Table 22 – AddNodes Service parameters . 51
Table 23 – AddNodes Service result codes . 52
Table 24 – AddNodes Operation Level result codes . 52
Table 25 – AddReferences Service parameters . 53
Table 26 – AddReferences Service result codes . 53
Table 27 – AddReferences Operation Level result codes . 54
Table 28 – DeleteNodes Service parameters . 55
Table 29 – DeleteNodes Service result codes . 55
Table 30 – DeleteNodes Operation Level result codes . 56
Table 31 – DeleteReferences Service parameters . 56
Table 32 – DeleteReferences Service result codes . 57
Table 33 – DeleteReferences Operation Level result codes . 57
Table 34 – Browse Service parameters . 58
Table 35 – Browse Service result codes . 59
Table 36 – Browse Operation Level result codes . 60
Table 37 – BrowseNext Service parameters . 61
Table 38 – BrowseNext Service result codes . 61
Table 39 – BrowseNext Operation Level result codes . 62
Table 40 – TranslateBrowsePathsToNodeIds Service parameters . 63
Table 41 – TranslateBrowsePathsToNodeIds Service result codes . 63
Table 42 – TranslateBrowsePathsToNodeIds Operation Level result codes . 64
Table 43 – RegisterNodes Service parameters . 65
Table 44 – RegisterNodes Service result codes . 65
Table 45 – UnregisterNodes Service parameters . 66
Table 46 – UnregisterNodes Service result codes . 66
Table 47 – QueryFirst Request parameters . 68
Table 48 – QueryFirst Response parameters . 69
Table 49 – QueryFirst Service result codes . 70
Table 50 – QueryFirst Operation Level result codes . 70
Table 51 – QueryNext Service parameters . 71
Table 52 – QueryNext Service result codes . 71
Table 53 – Read Service parameters . 72
Table 54 – Read Service result codes . 73
Table 55 – Read Operation Level result codes . 73
Table 56 – HistoryRead Service parameters . 74
Table 57 – HistoryRead Service result codes . 76
Table 58 – HistoryRead Operation Level result codes . 76
Table 59 – Write Service parameters . 78
Table 60 – Write Service result codes .
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.
Loading comments...