SIST EN IEC 62541-18:2025

SLOVENSKI STANDARD
01-december-2025
Enotna arhitektura OPC - 18. del: Varnost na podlagi vlog (IEC 62541-18:2025)
OPC unified architecture - Part 18: Role-Based Security (IEC 62541-18:2025)
OPC Unified Architecture – Teil 18: Rollenbasierte IT-Sicherheit (IEC 62541-18:2025)
Architecture unifiée OPC - Partie 18: Sécurité fondée sur les rôles (IEC 62541-18:2025)
Ta slovenski standard je istoveten z: EN IEC 62541-18:2025
ICS:
25.040.40 Merjenje in krmiljenje Industrial process
industrijskih postopkov measurement and control
35.240.50 Uporabniške rešitve IT v IT applications in industry
industriji
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN STANDARD EN IEC 62541-18

NORME EUROPÉENNE
EUROPÄISCHE NORM October 2025
ICS 25.040
English Version
OPC unified architecture - Part 18: Role-Based Security
(IEC 62541-18:2025)
Architecture unifiée OPC - Partie 18: Sécurité fondée sur OPC Unified Architecture - Teil 18: Rollenbasierte IT-
les rôles Sicherheit
(IEC 62541-18:2025) (IEC 62541-18:2025)
This European Standard was approved by CENELEC on 2025-09-19. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Türkiye and the United Kingdom.

European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2025 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Ref. No. EN IEC 62541-18:2025 E

European foreword
The text of document 65E/1043/CDV, future edition 1 of IEC 62541-18, prepared by SC 65E "Devices
and integration in enterprise systems" of IEC/TC 65 "Industrial-process measurement, control and
automation" was submitted to the IEC-CENELEC parallel vote and approved by CENELEC as
The following dates are fixed:
• latest date by which the document has to be implemented at national (dop) 2026-10-31
level by publication of an identical national standard or by endorsement
• latest date by which the national standards conflicting with the (dow) 2028-10-31
document have to be withdrawn
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.
Any feedback and questions on this document should be directed to the users’ national committee. A
complete listing of these bodies can be found on the CENELEC website.
Endorsement notice
The text of the International Standard IEC 62541-18:2025 was approved by CENELEC as a European
Standard without any modification.
In the official version, for Bibliography, the following note has to be added for the standard indicated:
IEC 62541-5:2020 NOTE Approved as EN IEC 62541-5:2020 (not modified)
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.
NOTE 1  Where an International Publication has been modified by common modifications, indicated by (mod),
the relevant EN/HD applies.
NOTE 2  Up-to-date information on the latest versions of the European Standards listed in this annex is available
here: www.cencenelec.eu.
Publication Year Title EN/HD Year
1 2
IEC 62541-1 - OPC unified architecture - Part 1: Overview EN IEC 62541-1 -
and concepts
IEC 62541-3 - OPC Unified Architecture - Part 3: Address EN IEC 62541-3 -
Space Model
IEC 62541-4 - OPC Unified Architecture - Part 4: Services EN IEC 62541-4 -
IEC 62541-5 - OPC Unified Architecture - Part 5: EN IEC 62541-5 -
Information Model
IEC 62541-6 - OPC Unified Architecture - Part 6: EN IEC 62541-6 -
Mappings
IEC 62541-8 - OPC Unified Architecture - Part 8: Data EN IEC 62541-8 -
Access
IEC 62541-12 - OPC unified architecture - Part 12: EN IEC 62541-12 -
Discovery and global services
Under preparation. Stage at the time of publication: IEC/DIS 62541-1:2024.
Under preparation. Stage at the time of publication: prEN IEC 62541-1:2024
IEC 62541-18 ®
Edition 1.0 2025-08
INTERNATIONAL
STANDARD
OPC unified architecture -
Part 18: Role-Based Security
ICS 25.040  ISBN 978-2-8327-0611-4

IEC 62541-18:2025-08(en)
IEC 62541-18:2025 © IEC 2025
CONTENTS
FOREWORD. 3
1 Scope . 5
2 Normative references . 5
3 Terms and definitions . 5
3.1 Terms and definitions . 5
4 Role Model . 5
4.1 General . 5
4.2 RoleSetType . 6
4.2.1 RoleSetType definition . 6
4.2.2 AddRole Method . 7
4.2.3 RemoveRole Method . 8
4.3 RoleSet . 8
4.4 RoleType . 13
4.4.1 RoleType definition . 13
4.4.2 EndpointType . 15
4.4.3 IdentityMappingRuleType . 16
4.4.4 IdentityCriteriaType . 18
4.4.5 AddIdentity Method . 18
4.4.6 RemoveIdentity Method . 19
4.4.7 AddApplication Method . 19
4.4.8 RemoveApplication Method . 20
4.4.9 AddEndpoint Method . 21
4.4.10 RemoveEndpoint Method . 21
4.5 RoleMappingRuleChangedAuditEventType . 22
5 User Management Model . 22
5.1 General . 22
5.2 UserManagementType . 23
5.2.1 UserManagementType definition . 23
5.2.2 PasswordOptionsMask . 24
5.2.3 UserConfigurationMask . 25
5.2.4 UserManagementDataType . 25
5.2.5 AddUser Method . 26
5.2.6 ModifyUser Method . 27
5.2.7 RemoveUser Method . 27
5.2.8 ChangePassword Method . 28
5.3 UserManagement . 29
Bibliography . 30

Figure 1 – Role management overview . 6
Figure 2 – User management overview . 23

Table 1 – RoleSetType definition . 6
Table 2 – RoleSet definition . 9
Table 3 – RoleSet Additional Conformance Units . 9
Table 4 – RoleType definition . 14
IEC 62541-18:2025 © IEC 2025
Table 5 – EndpointType Structure . 16
Table 6 – EndpointType definition . 16
Table 7 – IdentityMappingRuleType . 16
Table 8 – Order for subject name criteria . 17
Table 9 – IdentityMappingRuleType definition . 18
Table 10 – IdentityCriteriaType Values . 18
Table 11 – IdentityCriteriaType Definition . 18
Table 12 – RoleMappingRuleChangedAuditEventType definition . 22
Table 13 – UserManagementType definition . 23
Table 14 – PasswordOptionsMask values . 24
Table 15 – PasswordOptionsMask definition . 24
Table 16 – UserConfigurationMask values . 25
Table 17 – UserConfigurationMask definition . 25
Table 18 – UserManagementDataType structure . 25
Table 19 – DataSetMetaDataType definition . 26
Table 20 – UserManagement definition . 29

IEC 62541-18:2025 © IEC 2025
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
OPC unified architecture -
Part 18: Role-Based Security
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international
co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and
in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports,
Publicly Available Specifications (PAS) and Guides (hereafter referred to as "IEC Publication(s)"). Their
preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with
may participate in this preparatory work. International, governmental and non-governmental organizations liaising
with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for
Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.
2) The formal decisions or agreements o
...