This plugin is based on the S2OPC open source library.

OPC UA server protocol stack configuration

Connection configuration

This section provides the connection-level configuration details of an OPC UA server.

Attributes definition

Attribute	Description	Expected values	Mandatory
url	The server URL endpoint	“opc.tcp://:[/sub/path]” e.g. “opc.tcp://localhost:4841”	YES
appUri	The application URI	e.g. “urn:S2OPC:localhost”	YES
productUri	The product URI	e.g. “urn:S2OPC:localhost”	YES
appDescription	Application description	Any non-empty string.	YES
localeId	The default language Id.	e.g. "en-US", "fr-FR", ...	YES
namespaces	List of namespaces URI, starting at namespace 1. Note that in current implementation, only namespace 1 is used. Thus, the array should contain only one name. (Array is kept for portability)	e.g. for 2 users namespaces (ns=1, ns=2): [ "urn:S2OPC:localhost", "urn:S2OPC:localhost_2" ]	YES
policies	Array of accepted policies If no security is required: - a single element containing both "None" for Mode and Policy should be used.		YES
policies.securityMode	The security mode	A string among “None”, “Sign” and “SignAndEncrypt” (case insensitive)	YES
policies.securityPolicy	The security policy	A string among “None”, “Basic256”, “Basic256Sha256”, “Aes128Sha256RsaOaep” and “Aes256Sha256RsaPss”	YES
policies.userPolicies	The user policy If no security is required, "Anonymous" should be used	A string among “Anonymous”, “username”, “username_None”, “username_Basic256”	YES
users	A map of 'user':'password'. If no user-authentication is required, it can be an empty object	e.g: {"user" : "password", "user2" : "xGt4sdE3Z+" } e.g: {}	YES
certificates	Note: all certificate files are expected to be provided in the $(FLEDGE_INSTALL)/data/etc/certs/s2opc_srv folder		NO
certificates.serverCertPath	The Server certificate filename (DER format)	e.g. "server_2k_cert.der"	NO
certificates.serverKeyPath	The Server key filename (PEM format)	e.g. "server_2k_key.pem"	NO
certificates.trusted_root	The list of trusted root certificates (DER)	e.g. [ "cacert.der" ]	NO
certificates.trusted_intermediate	The list of trusted intermediate certificates (DER)	Same as “trusted_root”	NO
certificates.revoked	The list of revoked certificates (DER)	Same as “trusted_root”	NO
certificates.untrusted_root	The list of untrusted root certificates (DER)	Same as “trusted_root”	NO
certificates.untrusted_intermediate	The list of untrusted intermediate certificates (DER)	Same as “trusted_root”	NO
certificates.issued	The list of untrusted issued certificates (DER)	Same as “trusted_root”	NO

Configuration JSON structure

{
   "transport_layer":{
      "url":"opc.tcp://localhost:4841/OPCUA/s2opc",
      "appUri":"urn:S2OPC:localhost",
      "productUri":"urn:S2OPC:localhost",
      "appDescription":"Application description",
      "localeId":"en-US",
      "namespaces":[ "urn:S2OPC:localhost" ],
      "policies":[
         {
            "securityMode":"None",
            "securityPolicy":"None",
            "userPolicies":[
               "anonymous"
            ]
         },
         {
            "securityMode":"SignAndEncrypt",
            "securityPolicy":"Basic256Sha256",
            "userPolicies":[
               "username_Basic256Sha256",
               "username_None"
            ]
         }
      ],
      "users":{ "user":"password", "user2":"xGt4sdE3Z+" },
      "certificates":{
         "serverCertPath":"server_2k_cert.der",
         "serverKeyPath":"server_2k_key.pem",
         "trusted_root":[ "cacert.der" ],
         "trusted_intermediate":[],
         "revoked":["cacrl.der"],
         "untrusted_root":[],
         "untrusted_intermediate":[],
         "issued":[]
      }
   }
}

Endpoint configuration

This section provides the user-level configuration details of an OPC UA server, once a client-server secured connection is established.

The endpoint (see "transport_layer.url") is an OPC UA interface and provides several means of use by a client (Browse, Read, Write, Subscribe). The following items allow any connected client to access directly all server data without required use of browsing, provided that it has knowledge of the PIVOT object it needs.

Interface specification:

As a standard OPC UA server, all functional data are organized under the Root.Objects node of namespace 0 ( nodeId = i=85).
For each PIVOT data, there is one node under Root.Objects with:
- NodeClass = Object
- NodeId= ns=1;s=<PIVOT_ID> , with <PIVOT_ID> as provided in exchanged_data.datapoints[].pivot_id section configuration.
- BrowseName= namespace =1, name = <PIVOT_ID>
- DisplayName = <PIVOT_ID>
- References:
  - HasTypeDefinition: FolderType
  - HasComponent: <...> , one for each variable below

NodeId	BrowseName/ DisplayName	IsOrganizedBy	NodeClass	Type
`ns=1;s=``<PIVOT_ID>`	`<PIVOT_ID>`	`"Root.Objects"` (= "i=85")	`Object`	N.A
`ns=1;s=``<PIVOT_ID>/Cause`	`Cause`	`ns=1;s=``<PIVOT_ID>`	`Variable`	UInt32

With <PIVOT_ID> as provided in exchanged_data.datapoints[].pivot_id section configuration.

Requirements

The following requirements aim at providing a clear

Page tree

OPCUA north plugin