OPC unified architecture - Part 7: Profiles (IEC 62541-7:2020)

This part of IEC 62541 defines the OPC Unified Architecture (OPC UA) Profiles. The Profiles
in this document are used to segregate features with regard to testing of OPC UA products
and the nature of the testing (tool based or lab based). This includes the testing performed by
the OPC Foundation provided OPC UA CTT (a self-test tool) and by the OPC Foundation
provided Independent certification test labs. This could equally as well refer to test tools
provided by another organization or a test lab provided by another organization. What is
important is the concept of automated tool-based testing versus lab-based testing. The scope
of this standard includes defining functionality that can only be tested in a lab and defining the
grouping of functionality that is to be used when testing OPC UA products either in a lab or
using automated tools. The definition of actual TestCases is not within the scope of this
document, but the general categories of TestCases are within the scope of this document.
Most OPC UA applications will conform to several, but not all, of the Profiles.

OPC Unified Architecture - Teil 7: Profile (IEC 62541-7:2020)

Architecture unifiée OPC - Partie 7: Profils (IEC 62541-7:2020)

IEC 62541-7:2020 est disponible sous forme de IEC 62541-7:2020 RLV qui contient la Norme internationale et sa version Redline, illustrant les modifications du contenu technique depuis l'édition précédente.

L'IEC 62541-7:2020 définit les Profils de l'architecture unifiée OPC (OPC UA). Les Profils du présent document permettent de classer les caractéristiques en fonction des essais de produits OPC UA et de la nature des essais (via un outil ou en laboratoire). Cela inclut les essais effectués à l'aide de l'outil d'essai de conformité CTT OPC UA développé par la Fondation OPC (outil d'essai autonome), ainsi que les essais réalisés par des laboratoires de certification indépendants de cette même fondation. Le présent document peut également faire référence aux outils d'essai ou au laboratoire d'essai d'un autre organisme. Dans le cas présent, l'élément important est le concept qui oppose les essais fondés sur un outil automatisé et les essais en laboratoire. Le domaine d'application de la présente norme inclut la définition d'une fonctionnalité qui ne peut être soumise à l'essai qu'en laboratoire, ainsi que la définition du regroupement des fonctionnalités à utiliser durant les essais de produits OPC UA effectués en laboratoire ou à l'aide d'outils automatisés. La définition des TestCases réels ne relève pas du domaine d'application du présent document, mais les catégories de TestCases générales relèvent du domaine d'application du présent document.
La plupart des applications OPC UA sont conformes à plusieurs Profils, mais pas à l'ensemble des Profils.
Cette troisième édition annule et remplace la deuxième édition parue en 2015. Cette édition constitue une révision technique.
Cette édition inclut les modifications techniques majeures suivantes par rapport à l'édition précédente:
a) ajout de nouveaux profils fonctionnels:
• profils pour la découverte globale et la gestion globale des certificats;
• profils pour la gestion globale de KeyCredential et pour la gestion globale des jetons d'accès;
• facette pour les abonnements durables;
• profil client UA normalisé;
• profils pour l'administration des rôles et permissions des utilisateurs.
b) ajout de nouveaux profils de transport:
• HTTPS avec codage JSON;
• Secure WebSockets (WSS) avec codage binaire ou JSON;
• connectivité inversée.
c) ajout de nouveaux profils de sécurité:
• TransportSecurity – TLS 1.2 avec PFS (confidentialité persistante);
• SecurityPolicy [A] – Aes128-Sha256-RsaOaep (en remplacement de Base128Rsa15);
• SecurityPolicy – Aes256-Sha256-RsaPss ajoute la confidentialité persistante pour UA TCP);
• jeton d'utilisateur JWT (Jason Web Token).
d) spécification des profils de sécurité déconseillés (en raison des algorithmes cassés):
• SecurityPolicy – Basic128Rsa15 (algorithme Sha1 cassé);
• SecurityPolicy – Basic256 (algorithme Sha1 cassé);
• TransportSecurity – TLS 1.0 (algorithme RC4 cassé);
• TransportSecurity – TLS 1.1 (algorithme RC4 cassé).
e) transport déconseillé (absence de prise en charge sur la plupart des plateformes):
• SOAP/HTTP avec WS-SecureConversation (tous les codages).

Enotna arhitektura OPC - 7. del: Profili (IEC 62541-7:2020)

General Information

Status
Published
Public Enquiry End Date
29-Nov-2018
Publication Date
05-Nov-2020
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
24-Aug-2020
Due Date
29-Oct-2020
Completion Date
06-Nov-2020

Relations

Buy Standard

Standard
EN IEC 62541-7:2020 - BARVE
English language
128 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
Draft
prEN IEC 62541-7:2018 - BARVE
English language
107 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST EN IEC 62541-7:2020
01-december-2020
Nadomešča:
SIST EN 62541-7:2015
Enotna arhitektura OPC - 7. del: Profili (IEC 62541-7:2020)
OPC unified architecture - Part 7: Profiles (IEC 62541-7:2020)
OPC Unified Architecture - Teil 7: Profile (IEC 62541-7:2020)
Architecture unifiée OPC - Partie 7: Profils (IEC 62541-7:2020)
Ta slovenski standard je istoveten z: EN IEC 62541-7:2020
ICS:
25.040.40 Merjenje in krmiljenje Industrial process
industrijskih postopkov measurement and control
35.240.50 Uporabniške rešitve IT v IT applications in industry
industriji
SIST EN IEC 62541-7:2020 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST EN IEC 62541-7:2020

---------------------- Page: 2 ----------------------
SIST EN IEC 62541-7:2020


EUROPEAN STANDARD EN IEC 62541-7

NORME EUROPÉENNE

EUROPÄISCHE NORM
August 2020
ICS 35.100.05; 25.040.40 Supersedes EN 62541-7:2015 and all of its amendments
and corrigenda (if any)
English Version
OPC unified architecture - Part 7: Profiles
(IEC 62541-7:2020)
Architecture unifiée OPC - Partie 7: Profils OPC Unified Architecture - Teil 7: Profile
(IEC 62541-7:2020) (IEC 62541-7:2020)
This European Standard was approved by CENELEC on 2020-07-27. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Turkey and the United Kingdom.


European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2020 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
 Ref. No. EN IEC 62541-7:2020 E

---------------------- Page: 3 ----------------------
SIST EN IEC 62541-7:2020
EN IEC 62541-7:2020 (E)
European foreword
The text of document 65E/707/FDIS, future edition 3 of IEC 62541-7, prepared by SC 65E "Devices
and integration in enterprise systems" of IEC/TC 65 "Industrial-process measurement, control and
automation" was submitted to the IEC-CENELEC parallel vote and approved by CENELEC as
EN IEC 62541-7:2020.
The following dates are fixed:
• latest date by which the document has to be implemented at national (dop) 2021-04-27
level by publication of an identical national standard or by endorsement
• latest date by which the national standards conflicting with the (dow) 2023-07-27
document have to be withdrawn

This document supersedes EN 62541-7:2015 and all of its amendments and corrigenda (if any).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.
This document has been prepared under a mandate given to CENELEC by the European Commission
and the European Free Trade Association.
Endorsement notice
The text of the International Standard IEC 62541-7:2020 was approved by CENELEC as a European
Standard without any modification.


2

---------------------- Page: 4 ----------------------
SIST EN IEC 62541-7:2020
EN IEC 62541-7:2020 (E)
Annex ZA
(normative)

Normative references to international publications
with their corresponding European publications
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.
NOTE 1  Where an International Publication has been modified by common modifications, indicated by (mod), the relevant
EN/HD applies.
NOTE 2  Up-to-date information on the latest versions of the European Standards listed in this annex is available here:
www.cenelec.eu.
Publication Year Title EN/HD Year
IEC/TR 62541-1 - OPC unified architecture - Part 1: CLC/TR 62541-1 -
Overview and concepts
IEC/TR 62541-2 - OPC unified architecture - Part 2: CLC/TR 62541-2 -
Security model
IEC 62541-3 - OPC Unified Architecture - Part 3: - -
Address Space Model
IEC 62541-4 - OPC Unified Architecture - Part 4: - -
Services
IEC 62541-5 - OPC Unified Architecture - Part 5: - -
Information Model
IEC 62541-6 - OPC Unified Architecture - Part 6: - -
Mappings
IEC 62541-8 - OPC Unified Architecture - Part 8: Data - -
Access
IEC 62541-9 - OPC Unified Architecture - Part 9: - -
Alarms and Conditions
IEC 62541-11 - OPC Unified Architecture - Part 11: - -
Historical Access
IEC 62541-12 - OPC unified architecture - Part 12: - -
Discovery and global services
IEC 62541-13 - OPC Unified Architecture - Part 13: - -
Aggregates
Compliance Part 8 - OPC Test Lab Specification: Part 8 - UA - -
UA Server Server
Compliance Part 9 - OPC Test Lab Specification: Part 9 - UA - -
UA Client Client

3

---------------------- Page: 5 ----------------------
SIST EN IEC 62541-7:2020

---------------------- Page: 6 ----------------------
SIST EN IEC 62541-7:2020




IEC 62541-7

®


Edition 3.0 2020-06




INTERNATIONAL



STANDARD




NORME


INTERNATIONALE
colour

inside










OPC unified architecture –

Part 7: Profiles



Architecture unifiée OPC –

Partie 7: Profils
















INTERNATIONAL

ELECTROTECHNICAL

COMMISSION


COMMISSION

ELECTROTECHNIQUE


INTERNATIONALE




ICS 25.040.40; 35.100.05 ISBN 978-2-8322-8456-8



Warning! Make sure that you obtained this publication from an authorized distributor.

Attention! Veuillez vous assurer que vous avez obtenu cette publication via un distributeur agréé.

® Registered trademark of the International Electrotechnical Commission
Marque déposée de la Commission Electrotechnique Internationale

---------------------- Page: 7 ----------------------
SIST EN IEC 62541-7:2020
– 2 – IEC 62541-7:2020 © IEC 2020
CONTENTS
FOREWORD . 12
1 Scope . 15
2 Normative references . 15
3 Terms, definitions, and abbreviated terms . 16
3.1 Terms and definitions . 16
3.2 Abbreviated terms . 17
4 Overview . 17
4.1 General . 17
4.2 ConformanceUnit . 18
4.3 Profiles . 18
4.4 Profile Categories . 19
5 Conformance Units . 19
5.1 Overview. 19
5.2 Services . 20
5.3 Transport and communication related features . 30
5.4 Information Model and AddressSpace related features . 38
5.5 Miscellaneous . 55
6 Profiles . 57
6.1 Overview. 57
6.2 Profile list . 57
6.3 Conventions for Profile definitions . 64
6.4 Profile versioning . 64
6.5 Applications . 64
6.6 Profile tables . 66
6.6.1 General . 66
6.6.2 Core Server Facet . 66
6.6.3 Core 2017 Server Facet . 66
6.6.4 Sessionless Server Facet . 67
6.6.5 Reverse Connect Server Facet . 67
6.6.6 Base Server Behaviour Facet . 68
6.6.7 Request State Change Server Facet . 68
6.6.8 Subnet Discovery Server Facet . 68
6.6.9 Global Certificate Management Server Facet . 68
6.6.10 Authorization Service Server Facet . 69
6.6.11 KeyCredential Service Server Facet . 69
6.6.12 Attribute WriteMask Server Facet . 69
6.6.13 File Access Server Facet . 69
6.6.14 Documentation Server Facet . 70
6.6.15 Embedded DataChange Subscription Server Facet . 70
6.6.16 Standard DataChange Subscription Server Facet . 70
6.6.17 Standard DataChange Subscription 2017 Server Facet . 71
6.6.18 Enhanced DataChange Subscription Server Facet . 71
6.6.19 Enhanced DataChange Subscription 2017 Server Facet . 71
6.6.20 Durable Subscription Server Facet . 71
6.6.21 Data Access Server Facet . 72
6.6.22 ComplexType Server Facet . 72

---------------------- Page: 8 ----------------------
SIST EN IEC 62541-7:2020
IEC 62541-7:2020 © IEC 2020 – 3 –
6.6.23 ComplexType 2017 Server Facet . 72
6.6.24 Standard Event Subscription Server Facet . 73
6.6.25 Address Space Notifier Server Facet . 74
6.6.26 A & C Base Condition Server Facet . 74
6.6.27 A & C Refresh2 Server Facet . 74
6.6.28 A & C Address Space Instance Server Facet . 74
6.6.29 A & C Enable Server Facet . 75
6.6.30 A & C AlarmMetrics Server Facet . 75
6.6.31 A & C Alarm Server Facet . 75
6.6.32 A & C Acknowledgeable Alarm Server Facet . 76
6.6.33 A & C Exclusive Alarming Server Facet . 76
6.6.34 A & C Non-Exclusive Alarming Server Facet . 77
6.6.35 A & C Previous Instances Server Facet . 77
6.6.36 A & C Dialog Server Facet . 77
6.6.37 A & C CertificateExpiration Server Facet . 78
6.6.38 A & E Wrapper Facet . 78
6.6.39 Method Server Facet . 79
6.6.40 Auditing Server Facet . 79
6.6.41 Node Management Server Facet. 80
6.6.42 User Role Base Server Facet . 80
6.6.43 User Role Management Server Facet . 80
6.6.44 State Machine Server Facet . 81
6.6.45 Client Redundancy Server Facet . 81
6.6.46 Redundancy Transparent Server Facet . 81
6.6.47 Redundancy Visible Server Facet . 82
6.6.48 Historical Raw Data Server Facet . 82
6.6.49 Historical Aggregate Server Facet . 82
6.6.50 Historical Data AtTime Server Facet . 83
6.6.51 Historical Access Modified Data Server Facet . 84
6.6.52 Historical Annotation Server Facet . 84
6.6.53 Historical Data Insert Server Facet . 84
6.6.54 Historical Data Update Server Facet . 84
6.6.55 Historical Data Replace Server Facet . 85
6.6.56 Historical Data Delete Server Facet . 85
6.6.57 Historical Access Structured Data Server Facet . 85
6.6.58 Base Historical Event Server Facet . 85
6.6.59 Historical Event Update Server Facet . 86
6.6.60 Historical Event Replace Server Facet . 86
6.6.61 Historical Event Insert Server Facet . 86
6.6.62 Historical Event Delete Server Facet . 86
6.6.63 Aggregate Subscription Server Facet . 87
6.6.64 Nano Embedded Device Server Profile . 88
6.6.65 Nano Embedded Device 2017 Server Profile . 88
6.6.66 Micro Embedded Device Server Profile . 88
6.6.67 Micro Embedded Device 2017 Server Profile . 88
6.6.68 Embedded UA Server Profile . 88
6.6.69 Embedded 2017 UA Server Profile . 89
6.6.70 Standard UA Server Profile . 89
6.6.71 Standard 2017 UA Server Profile . 89

---------------------- Page: 9 ----------------------
SIST EN IEC 62541-7:2020
– 4 – IEC 62541-7:2020 © IEC 2020
6.6.72 Core Client Facet. 90
6.6.73 Core 2017 Client Facet . 90
6.6.74 Sessionless Client Facet . 90
6.6.75 Reverse Connect Client Facet . 90
6.6.76 Base Client Behaviour Facet . 91
6.6.77 Discovery Client Facet . 91
6.6.78 Subnet Discovery Client Facet . 91
6.6.79 Global Discovery Client Facet . 92
6.6.80 Global Certificate Management Client Facet . 92
6.6.81 KeyCredential Service Client Facet . 92
6.6.82 Access Token Request Client Facet . 92
6.6.83 AddressSpace Lookup Client Facet . 93
6.6.84 Request State Change Client Facet . 93
6.6.85 File Access Client Facet . 93
6.6.86 Entry Level Support 2015 Client Facet . 94
6.6.87 Multi-Server Client Connection Facet . 94
6.6.88 Documentation – Client . 94
6.6.89 Attribute Read Client Facet . 94
6.6.90 Attribute Write Client Facet . 95
6.6.91 DataChange Subscriber Client Facet . 95
6.6.92 Durable Subscription Client Facet . 96
6.6.93 DataAccess Client Facet . 96
6.6.94 Event Subscriber Client Facet. 97
6.6.95 Base Event Processing Client Facet . 97
6.6.96 Notifier and Source Hierarchy Client Facet . 98
6.6.97 A & C Base Condition Client Facet . 98
6.6.98 A & C Refresh2 Client Facet . 98
6.6.99 A & C Address Space Instance Client Facet . 99
6.6.100 A & C Enable Client Facet . 99
6.6.101 A & C AlarmMetrics Client Facet . 99
6.6.102 A & C Alarm Client Facet . 99
6.6.103 A & C Exclusive Alarming Client Facet . 100
6.6.104 A & C Non-Exclusive Alarming Client Facet . 100
6.6.105 A & C Previous Instances Client Facet . 101
6.6.106 A & C Dialog Client Facet . 101
6.6.107 A & C CertificateExpiration Client Facet . 101
6.6.108 A & E Proxy Facet . 102
6.6.109 Method Client Facet. 103
6.6.110 Auditing Client Facet . 103
6.6.111 Node Management Client Facet . 103
6.6.112 Advanced Type Programming Client Facet . 103
6.6.113 User Role Management Client Facet . 104
6.6.114 State Machine Client Facet . 104
6.6.115 Diagnostic Client Facet . 104
6.6.116 Redundant Client Facet . 105
6.6.117 Redundancy Switch Client Facet . 105
6.6.118 Historical Access Client Facet . 105
6.6.119 Historical Data AtTime Client Facet . 105
6.6.120 Historical Aggregate Client Facet . 105

---------------------- Page: 10 ----------------------
SIST EN IEC 62541-7:2020
IEC 62541-7:2020 © IEC 2020 – 5 –
6.6.121 Historical Annotation Client Facet . 107
6.6.122 Historical Access Modified Data Client Facet . 107
6.6.123 Historical Data Insert Client Facet . 107
6.6.124 Historical Data Update Client Facet . 107
6.6.125 Historical Data Replace Client Facet. 107
6.6.126 Historical Data Delete Client Facet . 108
6.6.127 Historical Access Client Server Timestamp Facet . 108
6.6.128 Historical Structured Data Access Client Facet . 108
6.6.129 Historical Structured Data AtTime Client Facet . 108
6.6.130 Historical Structured Data Modified Client Facet . 109
6.6.131 Historical Structured Data Insert Client Facet . 109
6.6.132 Historical Structured Data Update Client Facet . 109
6.6.133 Historical Structured Data Replace Client Facet . 109
6.6.134 Historical Structured Data Delete Client Facet . 109
6.6.135 Historical Events Client Facet . 110
6.6.136 Historical Event Insert Client Facet . 110
6.6.137 Historical Event Update Client Facet. 110
6.6.138 Historical Event Replace Client Facet . 110
6.6.139 Historical Event Delete Client Facet . 111
6.6.140 Aggregate Subscriber Client Facet . 111
6.6.141 Standard UA Client Profile . 112
6.6.142 Standard UA Client 2017 Profile . 112
6.6.143 UA-TCP UA-SC UA-Binary. 113
6.6.144 HTTPS UA-Binary . 113
6.6.145 HTTPS UA-XML . 114
6.6.146 HTTPS UA-JSON. 114
6.6.147 WSS UA-SC UA-Binary. 114
6.6.148 WSS UA-JSON . 114
6.6.149 Security User Access Control Full . 115
6.6.150 Security User Access Control Base. 115
6.6.151 Security Time Synchronization . 115
6.6.152 Best Practice – Audit Events . 116
6.6.153 Best Practice – Alarm Handling . 116
6.6.154 Best Practice – Random Numbers . 116
6.6.155 Best Practice – Timeouts . 116
6.6.156 Best Practice – Administrative Access . 116
6.6.157 Best Practice – Strict Message Handling . 117
6.6.158 Best Practice – Audit Events Client . 117
6.6.159 TransportSecurity – TLS 1.2 . 117
6.6.160 TransportSecurity – TLS 1.2 with PFS . 117
6.6.161 SecurityPolicy – None . 118
6.6.162 SecurityPolicy – Basic128Rsa15 . 118
6.6.163 SecurityPolicy – Basic256 . 118
6.6.164 SecurityPolicy [A] – Aes128-Sha256-RsaOaep . 118
6.6.165 SecurityPolicy [B] – Basic256Sha256 . 119
6.6.166 SecurityPolicy – Aes256-Sha256-RsaPss . 119
6.6.167 User Token – Anonymous Facet . 120
6.6.168 User Token – User Name Password Server Facet . 120
6.6.169 User Token – X509 Certificate Server Facet . 120

---------------------- Page: 11 ----------------------
SIST EN IEC 62541-7:2020
– 6 – IEC 62541-7:2020 © IEC 2020
6.6.170 User Token – Issued Token Server Facet . 121
6.6.171 User Token – Issued Token Windows Server Facet . 121
6.6.172 User Token – JWT Server Facet . 121
6.6.173 User Token – User Name Password Client Facet . 121
6.6.174 User Token – X509 Certificate Client Facet . 122
6.6.175 User Token – Issued Token Client Facet . 122
6.6.176 User Token – Issued Token Window
...

SLOVENSKI STANDARD
oSIST prEN IEC 62541-7:2018
01-november-2018
Enotna arhitektura OPC - 7. del: Profili
OPC unified architecture - Part 7: Profiles
OPC Unified Architecture - Teil 7: Profile
Architecture unifiée OPC - Partie 7: Profils
Ta slovenski standard je istoveten z: prEN IEC 62541-7:2018
ICS:
25.040.40 Merjenje in krmiljenje Industrial process
industrijskih postopkov measurement and control
35.240.50 Uporabniške rešitve IT v IT applications in industry
industriji
oSIST prEN IEC 62541-7:2018 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
oSIST prEN IEC 62541-7:2018

---------------------- Page: 2 ----------------------
oSIST prEN IEC 62541-7:2018
65E/608/CDV

COMMITTEE DRAFT FOR VOTE (CDV)
PROJECT NUMBER:
IEC 62541-7 ED3
DATE OF CIRCULATION: CLOSING DATE FOR VOTING:
2018-08-17 2018-11-09
SUPERSEDES DOCUMENTS:
65E/556/RR

IEC SC 65E : DEVICES AND INTEGRATION IN ENTERPRISE SYSTEMS
SECRETARIAT: SECRETARY:
United States of America Mr Donald (Bob) Lattimer
OF INTEREST TO THE FOLLOWING COMMITTEES: PROPOSED HORIZONTAL STANDARD:


Other TC/SCs are requested to indicate their interest, if
any, in this CDV to the secretary.
FUNCTIONS CONCERNED:

EMC ENVIRONMENT QUALITY ASSURANCE SAFETY
SUBMITTED FOR CENELEC PARALLEL VOTING NOT SUBMITTED FOR CENELEC PARALLEL VOTING
Attention IEC-CENELEC parallel voting
The attention of IEC National Committees, members of
CENELEC, is drawn to the fact that this Committee Draft for
Vote (CDV) is submitted for parallel voting.
The CENELEC members are invited to vote through the
CENELEC online voting system.

This document is still under study and subject to change. It should not be used for reference purposes.
Recipients of this document are invited to submit, with their comments, notification of any relevant patent rights of which
they are aware and to provide supporting documentation.

TITLE:
OPC unified architecture - Part 7: Profiles

PROPOSED STABILITY DATE: 2021

NOTE FROM TC/SC OFFICERS:


Copyright © 2018 International Electrotechnical Commission, IEC. All rights reserved. It is permitted to download this
electronic file, to make a copy and to print out the content for the sole purpose of preparing National Committee positions.
You may not copy or "mirror" the file or printed version of the document, or any part of it, for any other purpose without

permission in writing from IEC.

---------------------- Page: 3 ----------------------
oSIST prEN IEC 62541-7:2018
IEC CDV 62541-7 © IEC 2018 - 2 - 65E/608/CDV
CONTENTS

FIGURES . 7
TABLES . 8
FOREWORD . 13
1 Scope . 16
2 Normative references . 16
3 Terms, definitions, and abbreviations . 17
3.1 Terms and definitions . 17
3.2 Abbreviations . 17
4 Overview . 18
4.1 General . 18
4.2 ConformanceUnit . 19
4.3 Profiles . 19
4.4 Profile Categories. 19
5 Conformance Units . 19
5.1 Overview . 19
5.2 Services . 20
5.3 Transport and communication related features . 29
5.4 Information Model and AddressSpace related features . 37
5.5 Miscellaneous . 53
6 Profiles . 54
6.1 Overview . 54
6.2 Profile list . 55
6.3 Conventions for Profile definitions . 59
6.4 Profile versioning . 59
6.5 Applications . 59
6.6 Profile tables . 61
6.6.1 Introduction . 61
6.6.2 Core Server Facet . 61
6.6.3 Core 2017 Server Facet . 61
6.6.4 Sessionless Server Facet . 62
6.6.5 Reverse Connect Server Facet . 62
6.6.6 Base Server Behaviour Facet . 62
6.6.7 Request State Change Server Facet . 63
6.6.8 Subnet Discovery Server Facet . 63
6.6.9 Global Certificate Management Server Facet . 63
6.6.10 Authorization Service Server Facet . 63
6.6.11 KeyCredential Service Server Facet . 63
6.6.12 Attribute WriteMask Server Facet . 64
6.6.13 File Access Server Facet . 64
6.6.14 Documentation Server Facet . 64
6.6.15 Embedded DataChange Subscription Server Facet . 64
6.6.16 Standard DataChange Subscription Server Facet . 65
6.6.17 Standard DataChange Subscription 2017 Server Facet . 65
6.6.18 Enhanced DataChange Subscription Server Facet . 65
6.6.19 Enhanced DataChange Subscription 2017 Server Facet. 65
6.6.20 Durable Subscription Server Facet . 66

---------------------- Page: 4 ----------------------
oSIST prEN IEC 62541-7:2018
65E/608/CDV - 3 - IEC CDV 62541-7 © IEC 2017
6.6.21 Data Access Server Facet . 66
6.6.22 ComplexType Server Facet . 66
6.6.23 ComplexType 2017 Server Facet . 66
6.6.24 Standard Event Subscription Server Facet . 67
6.6.25 Address Space Notifier Server Facet. 67
6.6.26 A & C Base Condition Server Facet . 67
6.6.27 A & C Refresh2 Server Facet . 68
6.6.28 A & C Address Space Instance Server Facet. 68
6.6.29 A & C Enable Server Facet . 68
6.6.30 A & C AlarmMetrics Server Facet . 68
6.6.31 A & C Alarm Server Facet . 68
6.6.32 A & C Acknowledgeable Alarm Server Facet . 69
6.6.33 A & C Exclusive Alarming Server Facet . 69
6.6.34 A & C Non-Exclusive Alarming Server Facet . 70
6.6.35 A & C Previous Instances Server Facet . 70
6.6.36 A & C Dialog Server Facet . 70
6.6.37 A & C CertificateExpiration Server Facet . 70
6.6.38 A & E Wrapper Facet . 71
6.6.39 Method Server Facet . 71
6.6.40 Auditing Server Facet. 71
6.6.41 Node Management Server Facet . 72
6.6.42 User Role Base Server Facet . 72
6.6.43 User Role Management Server Facet . 72
6.6.44 State Machine Server Facet . 73
6.6.45 Client Redundancy Server Facet . 73
6.6.46 Redundancy Transparent Server Facet . 73
6.6.47 Redundancy Visible Server Facet . 73
6.6.48 Historical Raw Data Server Facet . 73
6.6.49 Historical Aggregate Server Facet . 74
6.6.50 Historical Data AtTime Server Facet . 75
6.6.51 Historical Access Modified Data Server Facet . 75
6.6.52 Historical Annotation Server Facet . 75
6.6.53 Historical Data Insert Server Facet . 75
6.6.54 Historical Data Update Server Facet . 75
6.6.55 Historical Data Replace Server Facet . 76
6.6.56 Historical Data Delete Server Facet . 76
6.6.57 Historical Access Structured Data Server Facet . 76
6.6.58 Base Historical Event Server Facet . 76
6.6.59 Historical Event Update Server Facet . 76
6.6.60 Historical Event Replace Server Facet . 77
6.6.61 Historical Event Insert Server Facet . 77
6.6.62 Historical Event Delete Server Facet . 77
6.6.63 Aggregate Subscription Server Facet . 77
6.6.64 Nano Embedded Device Server Profile . 78
6.6.65 Nano Embedded Device 2017 Server Profile . 78
6.6.66 Micro Embedded Device Server Profile . 78
6.6.67 Micro Embedded Device 2017 Server Profile. 79
6.6.68 Embedded UA Server Profile. 79
6.6.69 Embedded 2017 UA Server Profile . 79

---------------------- Page: 5 ----------------------
oSIST prEN IEC 62541-7:2018
IEC CDV 62541-7 © IEC 2017 - 4 - 65E/608/CDV
6.6.70 Standard UA Server Profile . 79
6.6.71 Standard 2017 UA Server Profile . 79
6.6.72 Core Client Facet . 80
6.6.73 Core 2017 Client Facet . 80
6.6.74 Sessionless Client Facet . 80
6.6.75 Reverse Connect Client Facet . 80
6.6.76 Base Client Behaviour Facet . 81
6.6.77 Discovery Client Facet . 81
6.6.78 Subnet Discovery Client Facet . 81
6.6.79 Global Discovery Client Facet . 81
6.6.80 Global Certificate Management Client Facet . 82
6.6.81 KeyCredential Service Client Facet . 82
6.6.82 Access Token Request Client Facet . 82
6.6.83 AddressSpace Lookup Client Facet . 82
6.6.84 Request State Change Client Facet . 83
6.6.85 File Access Client Facet . 83
6.6.86 Entry Level Support 2015 Client Facet . 83
6.6.87 Multi-Server Client Connection Facet . 83
6.6.88 Documentation – Client . 83
6.6.89 Attribute Read Client Facet . 84
6.6.90 Attribute Write Client Facet . 84
6.6.91 DataChange Subscriber Client Facet . 84
6.6.92 Durable Subscription Client Facet . 85
6.6.93 DataAccess Client Facet . 85
6.6.94 Event Subscriber Client Facet . 85
6.6.95 Base Event Processing Client Facet. 85
6.6.96 Notifier and Source Hierarchy Client Facet . 86
6.6.97 A & C Base Condition Client Facet . 86
6.6.98 A & C Refresh2 Client Facet . 86
6.6.99 A & C Address Space Instance Client Facet . 86
6.6.100 A & C Enable Client Facet . 87
6.6.101 A & C AlarmMetrics Client Facet . 87
6.6.102 A & C Alarm Client Facet . 87
6.6.103 A & C Exclusive Alarming Client Facet . 87
6.6.104 A & C Non-Exclusive Alarming Client Facet . 88
6.6.105 A & C Previous Instances Client Facet . 88
6.6.106 A & C Dialog Client Facet . 88
6.6.107 A & C CertificateExpiration Client Facet . 88
6.6.108 A & E Proxy Facet . 89
6.6.109 Method Client Facet . 89
6.6.110 Auditing Client Facet . 90
6.6.111 Node Management Client Facet . 90
6.6.112 Advanced Type Programming Client Facet . 90
6.6.113 User Role Management Client Facet . 90
6.6.114 State Machine Client Facet . 91
6.6.115 Diagnostic Client Facet . 91
6.6.116 Redundant Client Facet. 91
6.6.117 Redundancy Switch Client Facet . 91
6.6.118 Historical Access Client Facet . 91

---------------------- Page: 6 ----------------------
oSIST prEN IEC 62541-7:2018
65E/608/CDV - 5 - IEC CDV 62541-7 © IEC 2017
6.6.119 Historical Data AtTime Client Facet . 91
6.6.120 Historical Aggregate Client Facet . 92
6.6.121 Historical Annotation Client Facet . 92
6.6.122 Historical Access Modified Data Client Facet . 93
6.6.123 Historical Data Insert Client Facet . 93
6.6.124 Historical Data Update Client Facet . 93
6.6.125 Historical Data Replace Client Facet . 93
6.6.126 Historical Data Delete Client Facet . 93
6.6.127 Historical Access Client Server Timestamp Facet. 94
6.6.128 Historical Structured Data Access Client Facet . 94
6.6.129 Historical Structured Data AtTime Client Facet . 94
6.6.130 Historical Structured Data Modified Client Facet . 94
6.6.131 Historical Structured Data Insert Client Facet . 94
6.6.132 Historical Structured Data Update Client Facet . 94
6.6.133 Historical Structured Data Replace Client Facet . 95
6.6.134 Historical Structured Data Delete Client Facet . 95
6.6.135 Historical Events Client Facet . 95
6.6.136 Historical Event Insert Client Facet . 95
6.6.137 Historical Event Update Client Facet . 95
6.6.138 Historical Event Replace Client Facet . 96
6.6.139 Historical Event Delete Client Facet . 96
6.6.140 Aggregate Subscriber Client Facet . 96
6.6.141 Standard UA Client Profile . 97
6.6.142 Standard UA Client 2017 Profile . 97
6.6.143 UA-TCP UA-SC UA-Binary . 98
6.6.144 HTTPS UA-Binary . 98
6.6.145 HTTPS UA-XML . 98
6.6.146 HTTPS UA-JSON . 98
6.6.147 WSS UA-SC UA-Binary . 99
6.6.148 WSS UA-JSON . 99
6.6.149 Security User Access Control Full . 99
6.6.150 Security User Access Control Base . 99
6.6.151 Security Time Synchronization . 99
6.6.152 Best Practice – Audit Events . 100
6.6.153 Best Practice – Alarm Handling . 100
6.6.154 Best Practice – Random Numbers . 100
6.6.155 Best Practice – Timeouts . 100
6.6.156 Best Practice – Administrative Access . 100
6.6.157 Best Practice – Strict Message Handling . 101
6.6.158 Best Practice – Audit Events Client . 101
6.6.159 TransportSecurity – TLS 1.2 . 101
6.6.160 TransportSecurity – TLS 1.2 with PFS . 101
6.6.161 SecurityPolicy – None . 101
6.6.162 SecurityPolicy – Basic128Rsa15 . 102
6.6.163 SecurityPolicy – Basic256 . 102
6.6.164 SecurityPolicy [A] - Aes128-Sha256-RsaOaep . 102
6.6.165 SecurityPolicy [B] – Basic256Sha256 . 102
6.6.166 SecurityPolicy - Aes256-Sha256-RsaPss . 103
6.6.167 User Token – Anonymous Facet . 103

---------------------- Page: 7 ----------------------
oSIST prEN IEC 62541-7:2018
IEC CDV 62541-7 © IEC 2017 - 6 - 65E/608/CDV
6.6.168 User Token – User Name Password Server Facet . 103
6.6.169 User Token – X509 Certificate Server Facet . 104
6.6.170 User Token – Issued Token Server Facet. 104
6.6.171 User Token – Issued Token Windows Server Facet . 104
6.6.172 User Token – JWT Server Facet . 104
6.6.173 User Token – User Name Password Client Facet . 104
6.6.174 User Token – X509 Certificate Client Facet . 105
6.6.175 User Token – Issued Token Client Facet . 105
6.6.176 User Token – Issued Token Windows Client Facet . 105
6.6.177 User Token – JWT Client Facet . 105
6.6.178 Global Discovery Server Profile . 105
6.6.179 Global Discovery Server 2017 Profile . 105
6.6.180 Global Discovery and Certificate Management Server . 106
6.6.181 Global Discovery and Certificate Mgmt 2017 Server . 106
6.6.182 Global Certificate Management Client Profile . 106
6.6.183 Global Certificate Management Client 2017 Profile . 106
6.6.184 Global Service Authorization Request Server Facet . 107
6.6.185 Global Service KeyCredential Pull Facet . 107
6.6.186 Global Service KeyCredential Push Facet . 107

---------------------- Page: 8 ----------------------
oSIST prEN IEC 62541-7:2018
65E/608/CDV - 7 - IEC CDV 62541-7 © IEC 2017
FIGURES

Figure 1 – Profile – ConformanceUnit – TestCases . 18
Figure 2 – HMI Client sample . 60
Figure 3 – Embedded Server sample . 60
Figure 4 – Standard UA Server sample . 61

---------------------- Page: 9 ----------------------
oSIST prEN IEC 62541-7:2018
IEC CDV 62541-7 © IEC 2017 - 8 - 65E/608/CDV
TABLES

Table 1 – Profile Categories . 19
Table 2 – Conformance Groups . 20
Table 3 – Discovery Services . 21
Table 4 – Session Services . 22
Table 5 – Node Management Services . 23
Table 6 – View Services . 24
Table 7 – Attribute Services . 25
Table 8 – Method Services . 26
Table 9 – Monitored Item Services . 26
Table 10 – Subscription Services . 28
Table 11 – Security . 29
Table 12 – Protocol and Encoding . 36
Table 13 – Base Information . 37
Table 14 – Address Space Model . 39
Table 15 – Data Access . 41
Table 16 – Alarms and Conditions . 42
Table 17 – Historical Access . 44
Table 18 – Aggregates .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.