IEC 62541-2:2026 describes the OPC Unified Architecture (OPC UA) security model. It
describes the security threats of the physical, hardware, and software environments in which
OPC UA is expected to run. It describes how OPC UA relies upon other standards for security.
It provides definition of common security terms that are used in this and other parts of the
IEC 62541 series. It gives an overview and concept of the security features that are specified
in other parts of the series. It references services, mappings, and Profiles that are specified
normatively in other parts of the 62541 series. It provides suggestions or best practice
guidelines on implementing security. Any seeming ambiguity between this document and one
of the other normative parts does not remove or reduce the requirement specified in the other
normative part.
There are many different aspects of security that are addressed when developing applications.
However, since OPC UA specifies a communication protocol, the focus is on securing the data
exchanged between applications. This does not mean that an application developer can ignore
the other aspects of security like protecting persistent data against tampering. It is important
that the developers look into all aspects of security and decide how they can be addressed in
the application. Common security features for industrial Controls are defined in IEC 62443-4-2
and OPC UA defined a relationship to them in Annex A.
This document is directed to readers who will develop OPC UA applications. It is also for end
Users that wish to understand the various security features and functionality provided by OPC
UA. It also offers some recommendations that can be applied when deploying systems. These
recommendations are generic in nature since the details would depend on the actual
implementation of the OPC UA applications and the choices made for the site security.

Product Details

Edition:

Published:

ISBN(s):

Number of Pages:

File Size:

Note: