Triconex OPC UA Server User's Guide
Invensys, the Invensys logo, Triconex, Tricon, Trident, and TriStation are trademarks of Invensys plc, its
subsidiaries and affiliates. All other brands may be trademarks of their respective owners.
This guide describes the features of the Triconex® OPC UA Server and provides information
about connecting a client to the server and configuring the server using TriStation™ 1131.
In this guide, Triconex controllers refers to Tricon™, Trident™, and Triconex General Purpose
controllers.
Related Documentation
• TriStation 1131 Developer’s Guide
• Communication Guide for Trident v2-v3 Systems
• Communication Guide for Triconex General Purpose v2-v3 Systems
• Planning and Installation Guide for Trident v2-v3 Systems
• Planning and Installation Guide for Triconex General Purpose v2-v3 Systems
• Safety Considerations Guide for Trident v2-v3 Systems
• Safety Considerations Guide for Triconex General Purpose v2-v3 Systems
Website
http://www.invensys.com
Technical Support
Customers in the U.S. and Canada can obtain technical support from the Invensys Global
Customer Support (GCS) center at the numbers below. International customers should contact
their regional support center.
Requests for support are prioritized as follows:
• Emergency requests are given the highest priority
• Requests from participants in the System Watch Agreement (SWA) and customers with
purchase order or charge card authorization are given next priority
• All other requests are handled on a time-available basis
If you require emergency or immediate response and are not an SWA participant, you may
incur a charge. Please have a purchase order or credit card available for billing.
Telephone
Toll-free number 866-746-6477, or
Toll number 508-549-2424 (outside U.S.)
Fax
Toll number 508-549-4999
Website
http://support.ips.invensys.com (registration required)
To help us improve future versions of Triconex documentation, we want to know about any
corrections, clarifications, or further information you would find useful. When you contact us,
please include the following information:
• The title and version of the guide you are referring to
• A brief description of the content you are referring to (for example, step-by-step
instructions that are incorrect, information that requires clarification or more details,
missing information that you would find helpful)
• Your suggestions for correcting or improving the documentation
• The version of the Triconex hardware or software you are using
• Your name, company name, job title, phone number, and e-mail address
Send e-mail to us at:
[email protected]
Please keep in mind that this e-mail address is only for documentation feedback. If you have a
technical problem or question, please contact the Invensys Global Customer Support (GCS)
center. See Technical Support on page vi for contact information.
Or, you can write us at:
Attn: Technical Publications - Triconex
Invensys
26561 Rancho Parkway South
Lake Forest, CA 92630
Thank you for your feedback.
Overview
Supported Profiles
Secure Communication and Digital Certificates
Address Space
Audit Event Types
Overview
Object Linking and Embedding (OLE) for Process Control Unified Architecture (OPC UA) is a
standard set of non-proprietary interfaces used to develop client-server programs. OPC UA
Server is a client-server application that allows OPC UA clients to read from and write to
Triconex program variables.
The Communications Integration Module (CIM) for Trident v3.0 and later systems, and Tri-GP
v3.0 and later systems, has an embedded OPC UA Server that makes an external PC for the
server unnecessary; however, a PC for the client is still required.
The OPC UA protocol is supported on both CIM network ports (NET 1 and NET 2). Configuring
protocol support and disabling the OPC UA Server can be done using TriStation 1131 software.
The embedded OPC UA Server on the CIM supports these specifications:
• Data Access (DA) v1.0.1
• Alarms and Conditions (A & C) v1.00
The embedded OPC UA Server on the CIM currently does not support Historical Data Access.
[Figure: OPC UA Client Applications connected over the OPC UA Protocol to the Embedded OPC UA Server on the CIM]
Supported Profiles
The Triconex OPC UA Server that is embedded in the CIM supports the following OPC UA
Profiles:
• Core Characteristics
• Data Access
• Alarms and Conditions
• Security Policy
Core Characteristics
The embedded OPC UA Server on the CIM supports the following Core Characteristics profiles
from the Server category:
• Core Server Facet—This facet defines the core functionality of the OPC UA Server,
including the ability to discover endpoints, establish secure communication channels,
create sessions, browse the address space and read and/or write to attributes of nodes.
• Base Server Behavior Facet—This facet defines best practices for the configuration and
management of servers when they are deployed in a production environment.
Notes
• The View Services conformance units in the Core Server Facet are not supported by the
embedded OPC UA Server on the CIM.
• The Register Nodes service is not supported and should not be used.
Data Access
The embedded OPC UA Server on the CIM supports the Data Access (DA) v1.0.1 specification
that is used to move real-time data from Programmable Logic Controllers (PLCs), Distributed
Control Systems (DCSs), and other control devices to Human Machine Interfaces (HMIs) and
other display clients. You can use an OPC UA client to view real-time Trident or Tri-GP bin data
such as aliased tagnames and system variables.
The embedded OPC UA Server on the CIM supports the following Data Access profiles from
the Server category:
• Enhanced DataChange Subscription Server Facet—This facet specifies an enhanced
support of subscribing to data changes.
• Data Access Server Facet—This facet specifies the support for an information model
used to provide industrial automation data. This model defines standard structures for
analog and discrete data items and their quality of service. This facet extends the Core
Server Facet which includes support of the basic Address Space behavior.
The following table describes the optional conformance units supported from the Data
Access Server Facet.
| Data Access Conformance Unit | Description |
|---|---|
| AnalogItemType | AnalogItemType is a subtype of DataItem. There are two optional properties for the AnalogItemType data type. The Engineering Units property is supported and taken from the Trident/Tri-GP symbol table in the system. |
| ValuePrecision | ValuePrecision property for a variable of the Real data type is taken from the TriStation’s scaling tab. There are two optional properties in this data type. The Triconex OPC UA Server will only support the optional property “ValuePrecision” for variables of the Real data type. The value is taken from the Trident/Tri-GP symbol table. |
| PercentDeadBand | PercentDeadBand is a special monitoring filter, which is based on an engineering unit range (EURange). Clients can read or write DataItems, or monitor them for value changes. A change that is defined as a change in status or a change in value that exceeds a client-defined range is called a Deadband. DeadbandValue is defined as the percentage of the EURange. That is, it applies only to AnalogItems with an EURange property that defines the typical value range for the item. This range is to be multiplied with the DeadbandValue to generate an exception limit. An exception is determined as follows: If (absolute value of (last cached value - current value)) > (DeadbandValue/100.0) * ((high - low) of EURange), then it is an exception. If the item is an array of values and any array element exceeds the DeadbandValue, the entire monitored array is returned. |
| SemanticChanges | SemanticChanges is an informational bit. OPC UA Servers that implement DA can set this bit in notifications if one or several of the following properties change: EngineeringUnits (could create problems if the client uses the value to perform calculations); EURange (could change the attribute of a subscription if a PercentDeadband filter is used); FalseState, TrueState, EnumStrings (changes can cause misinterpretation by users or (scripting) programs). It should not be changed for any of the other DA properties. Clients should not process the data value until they re-read the mentioned properties associated with the variable. |
| TwoStateDiscreteType | TwoStateDiscreteType is a subtype of DataItem. The TwoStateDiscreteType is defined by the Data Access specification for OPC UA. In this specification, when the type is TwoStateDiscreteType, the state names are in parentheses - the false value is the first value and the true value is the second. |
| MultiStateDiscreteType | MultiStateDiscreteType is a subtype of DataItem. The MultiStateDiscreteType will have state names along with their corresponding values in parentheses. |
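The PercentDeadBand exception rule described in the table above, worked through as an added example that is not part of the guide or of the Triconex server code. The class and function names are hypothetical, the samples are constructed, and it assumes the "last cached value" is the last value reported to the client.

```python
from typing import List, Optional, Sequence, Union

Sample = Union[float, Sequence[float]]


class PercentDeadbandFilter:
    """PercentDeadband check for one monitored AnalogItem (illustrative)."""

    def __init__(self, eu_low: float, eu_high: float, deadband_value: float):
        if eu_high <= eu_low:
            raise ValueError("EURange high must be greater than low")
        if not 0.0 <= deadband_value <= 100.0:
            raise ValueError("DeadbandValue is a percentage of the EURange")
        # Exception limit from the guide: (DeadbandValue/100.0) * (high - low)
        self.limit = (deadband_value / 100.0) * (eu_high - eu_low)
        self.last_cached: Optional[Sample] = None

    def exceeds(self, current: Sample) -> bool:
        cached = self.last_cached
        if cached is None:
            return True  # nothing has been reported yet
        is_array = isinstance(current, (list, tuple))
        if is_array != isinstance(cached, (list, tuple)):
            return True  # assumption: scalar/array switch counts as a change
        if not is_array:
            return abs(cached - current) > self.limit
        if len(cached) != len(current):
            return True  # assumption: a length change counts as a change
        # Any single element past the limit reports the entire array.
        return any(abs(c - v) > self.limit for c, v in zip(cached, current))

    def offer(self, current: Sample, status_changed: bool = False) -> bool:
        """Return True when the sample would be sent to the client."""
        if status_changed or self.exceeds(current):
            # Assumption: the cached value is the last one reported, so slow
            # drift accumulates until it crosses the limit.
            self.last_cached = current
            return True
        return False


def reported(filt: PercentDeadbandFilter, samples: Sequence[Sample]) -> List[Sample]:
    """Return only the samples that pass the deadband filter."""
    return [s for s in samples if filt.offer(s)]


# Constructed samples: EURange 0..200 with a 5% deadband gives a limit of 10.
RAMP = [100.0, 104.0, 108.0, 111.0, 115.0, 122.0, 95.0]

if __name__ == "__main__":
    print(reported(PercentDeadbandFilter(0.0, 200.0, 5.0), RAMP))
```

With these settings a subscriber never sees excursions of up to 10 engineering units from the last reported value, which is worth weighing when choosing DeadbandValue for safety-relevant tags.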
DA Performance Considerations
The embedded OPC UA DA on the CIM has the following limitations:
• 10 OPC UA sessions in total (DA and Alarms and Conditions (A&C)) can subscribe to
OPC UA data
• 100 subscriptions in total
• 2,000 monitored items per subscription
• 6,000 monitored items per second for each Trident or Tri-GP system
• 20,000 monitored items in total
If you perform a Download Change operation and the changes to the control application are
significant—for example, adding or deleting 2,000 or more tags—clients connected to the
embedded OPC UA Server may experience a Data Access loss of view for one or two scan times.
If you halt the application running on the controller, connected clients will experience the
following:
• No data updates
• No alarm updates
• No loss of view
• The server state changes from RUNNING (0) to SUSPENDED (3)
may be the root of a hierarchy of event sources, that is, Objects that represent the source of
event notifications.
The embedded OPC UA Server on the CIM supports the following Alarms and Conditions
(A & C) profiles from the Server category:
• A & C Address Space Instance Server Facet—This facet specifies the support required
for a Server to expose Alarms and Conditions in its address space.
• A & C Alarm Server Facet—This facet specifies the support for basic alarm
functionality.
The following table describes the optional conformance units supported from the
A & C Alarm Server Facet.
| A & C Conformance Unit | Description |
|---|---|
| A & C Comment | Supports Comments, includes AddComment method |
| A & C Trip | Supports Trip Alarm type |
• A & C Acknowledgeable Alarm Server Facet—This facet adds support for the
acknowledgement of alarms.
The following table describes the optional conformance units supported from the
A & C Acknowledgeable Alarm Server Facet.
| A & C Conformance Unit | Description |
|---|---|
| A & C Confirm | Supports confirming Conditions, includes Confirm method |
• A & C Exclusive Alarming Server Facet—This facet adds support for alarms with
multiple sub-states that identify different limit Conditions.
The following table describes the optional conformance units supported from the
A & C Exclusive Alarming Server Facet.
| A & C Conformance Unit | Description |
|---|---|
| A & C Exclusive Level | Supports Exclusive Level Alarm type |
| A & C Exclusive Deviation | Supports Exclusive Deviation Alarm type |
| A & C Exclusive RateofChange | Supports Exclusive RateofChange Alarm type |
The embedded OPC UA Server on the CIM does not support shelving or suppressing of alarms.
TS1131 TS1131
TS1131 TS1131 UA Alarm UA UA
Alarm Process
Active Acknowledged Condition Active Acknowledged
Condition State
High
High Normal Acked
Inactive
Not Low
Low
normal Active
Not
Low Low Ack
normal
Low
Low Normal
Inactive
Low
Low Normal Acked
Inactive
Not LowLow
LowLow
normal Active
Not LowLow
LowLow
normal Acked
LowLow
LowLow Normal
Inactive
LowLow
LowLow Normal Acked
Inactive
Not Trip
Trip
normal Active
Not Trip
Trip
normal Acked
Trip
Trip Normal
Inactive
Trip
Trip Normal Acked
Inactive
Normal Normal Normal
The numbers listed below are what the CIM can handle without losing events. For the
one minute burst, this means that the CIM was experiencing a several-second delay in
reporting the alarm, but that the alarm was reported and no events were lost during the
one minute.
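300 Configured Alarms

| Scan time | SOE size | Continuous Alarms | Alarm Burst | One minute burst |
|---|---|---|---|---|
| 275 | 20000 | 30 | 300 | 40 |
| 450 | 20000 | 50 | 300 | 60 |
| 275 | 10000 | 30 | 300 | 40 |
| 450 | 10000 | 50 | 300 | 60 |
| 275 | 4000 | 30 | 300 | 40 |
| 450 | 4000 | 50 | 300 | 60 |
| 275 | 2000 | 30 | 260 | 40 |
| 450 | 2000 | 50 | 270 | 60 |
| 275 | 1000 | 30 | 140 | 40 |
| 450 | 1000 | 50 | 150 | 60 |

100 Configured Alarms

| Scan time | SOE size | Continuous Alarms | Alarm Burst | One minute burst |
|---|---|---|---|---|
| 125 | 10000 | 30 | 100 | 40 |
| 125 | 4000 | 30 | 100 | 40 |
| 125 | 2000 | 30 | 100 | 40 |
| 125 | 1000 | 30 | 100 | 40 |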
Security Policy
The embedded OPC UA Server on the CIM supports the following Security Policy profiles from
the Security category:
• SecurityPolicy - None—This Security facet defines a Security Policy used for
configurations with the lowest security needs. This Security Policy can affect the
behavior of the CreateSession and ActivateSession services. It also results in a
SecureChannel which has no Channel Security. By default this Security Policy should
be disabled if any other Security Policies are available.
• SecurityPolicy - Basic128Rsa15—This Security facet defines a Security Policy for
medium to highly secure configurations.
• SecurityPolicy - Basic256—This Security facet defines a Security Policy for
configurations with high security needs.
The embedded OPC UA Server on the CIM does not support the Security User Name and
Password conformance unit.
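A configuration check for the Security Policy guidance above, showing a weak endpoint set beside a hardened one. This is an added example, not code from the guide or from TriStation 1131: the endpoint records are constructed (documentation-range addresses on the default port 4840), the dictionary keys and finding codes are hypothetical, and the policy URIs are the standard OPC UA identifiers for the three policies the guide lists.

```python
from collections import defaultdict
from typing import Dict, List, Tuple

BASE = "http://opcfoundation.org/UA/SecurityPolicy#"
POLICY_NONE = BASE + "None"
POLICY_BASIC128RSA15 = BASE + "Basic128Rsa15"
POLICY_BASIC256 = BASE + "Basic256"
KNOWN = {POLICY_NONE, POLICY_BASIC128RSA15, POLICY_BASIC256}
# General OPC UA background, not from this guide: Basic128Rsa15 and Basic256
# both sign with SHA-1 and were deprecated in OPC UA 1.04, so Basic256 is the
# strongest option this server offers rather than a strong policy in itself.

# Constructed endpoint list for a CIM port left with every policy enabled.
WEAK: List[Dict[str, str]] = [
    {"url": "opc.tcp://192.0.2.10:4840", "policy": POLICY_NONE, "mode": "None"},
    {"url": "opc.tcp://192.0.2.10:4840", "policy": POLICY_BASIC128RSA15, "mode": "Sign"},
    {"url": "opc.tcp://192.0.2.10:4840", "policy": POLICY_BASIC256, "mode": "SignAndEncrypt"},
]
# Constructed endpoint list after hardening: one signed and encrypted endpoint.
HARDENED: List[Dict[str, str]] = [
    {"url": "opc.tcp://192.0.2.11:4840", "policy": POLICY_BASIC256, "mode": "SignAndEncrypt"},
]


def audit_endpoints(endpoints: List[Dict[str, str]]) -> List[Tuple[str, str]]:
    """Return (endpoint URL, finding code) pairs for one or more servers."""
    by_server = defaultdict(list)
    for ep in endpoints:
        by_server[ep["url"]].append(ep)

    findings: List[Tuple[str, str]] = []
    for url, eps in sorted(by_server.items()):
        policies = {ep["policy"] for ep in eps}
        secured = policies - {POLICY_NONE}
        if POLICY_NONE in policies:
            # Guide: None should be disabled if any other policy is available.
            code = "NONE_ENABLED_WITH_SECURE_POLICY_AVAILABLE" if secured else "ONLY_NONE_OFFERED"
            findings.append((url, code))
        if POLICY_BASIC128RSA15 in policies:
            # Guide ranks Basic128Rsa15 below Basic256.
            findings.append((url, "BASIC128RSA15_ENABLED"))
        if any(ep["policy"] != POLICY_NONE and ep["mode"] == "Sign" for ep in eps):
            # Sign protects integrity only; payloads cross the network in clear.
            findings.append((url, "SIGN_ONLY_NO_ENCRYPTION"))
        if policies - KNOWN:
            findings.append((url, "UNEXPECTED_POLICY"))
    return findings


if __name__ == "__main__":
    for finding in audit_endpoints(WEAK + HARDENED):
        print(finding)
```

Because the server does not support user name and password authentication, the channel security policy and certificate trust are the controls this check is protecting.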
Certificate Authority
In cryptography, a certificate authority (also known as a certification authority) is an entity that
issues digital certificates for use by other parties. It is an example of a trusted third party.
Certification authorities (CAs) are characteristic of many public-key infrastructure (PKI)
schemes.
There are many commercial CAs that charge for their services. There are also several providers
issuing digital certificates to the public at no cost. Institutions and governments may have their
own CAs.
If a user trusts the CA and can verify the CA’s signature, then the user can also verify that a
certain public key does indeed belong to whoever is identified in the certificate.
Public Key
The Public Key is shared via the certificate to decrypt and validate the message from the user.
Private Key
The Private Key is only known by the user and must be kept secret. It is used for signing and
encrypting messages.
Address Space
An address space contains a set of nodes that are hierarchically organized. Typical OPC API
address spaces operate independently, preventing nodes in one address space from referencing
those in another and requiring client applications to correlate items between them. OPC UA
integrates these separate address spaces and allows servers to define named subsets of the
address space that are independently browseable. These subsets are called views, and clients
access them as though they are independent address spaces. The servers can define and restrict
views to specific users or groups of users, which optimizes views for specific clients.
There are four views available to a user:
• Flat—Contains all user-defined tags within the system. Any tag defined in TriStation
will show up in the Flat view, except for tags declared as aliased memory points.
System attributes that are assigned an alias number will also be visible in the Flat view.
Note that you cannot assign aliased system attributes to a hierarchical data structure;
however, in addition to the Flat view, they will also be visible in the System view, along
with the other system attributes.
• Area—Organized in a hierarchical structure by Area, Equipment, and Safety
Instrumented Function (SIF).
• System—Contains all status variables for the system. All module and system attributes
are visible in the System view. Note that you do not have to assign alias numbers to
module and system attributes; however, ones that are assigned alias numbers will also
be visible in the Flat view.
• Groups—Organized in a hierarchical structure; Group 1, a higher level directory, and
Group 2, a lower level directory and a component of Group 1.
All the views are in alphabetical order.
The OPC UA Server provides a hierarchical view of Area, Equipment, and SIF used to define
the hierarchy.
The status of the OPC UA server is available in the Server address space. The Status node gives
the current status of the OPC UA server. The supported values are:
• RUNNING (0)—The OPC UA server is running normally.
• SUSPENDED (3)—The OPC UA server is not receiving data updates from the
controller. This corresponds to the control program being in a HALTED or PAUSED
state.
The following figure shows the defined hierarchy for the Trident or Tri-GP system:
[Figure: Address space hierarchy for the Trident or Tri-GP system. Labels in the figure: Objects, Flat, Groups, Group1 B ... Group1 x, Group2 B ... Group2 x, Tag 2 ... Tag n, Area x, System, System Attributes, MP, MP Attributes, CIM-Left, CIM-Right, Server, Server Status, Trident Events Notifier, System Events, SOE Events, Process Alarms, Tag1.Level Alarm, Level Alarm]
| Name | Description |
|---|---|
| AuditOpenSecureChannelEventType | This is a subtype of AuditChannelEventType and is used for events generated from calling the OpenSecureChannel service. Services are a collection of abstract Remote Procedure Calls (RPC) that are implemented by OPC UA Servers and called by OPC UA Clients. All interactions between OPC UA Clients and Servers occur via these services. These services are considered abstract because no particular RPC mechanism for implementation is defined. |
| AuditCreateSessionEventType | This is a subtype of AuditSessionEventType and is used for events generated from calling the CreateSession service. |
| AuditUrlMismatchEventType | This is a subtype of AuditCreateSessionEventType and is used for events generated from calling the CreateSession service, if the EndpointUrl used in the service call does not match the server’s HostNames. |
| AuditActivateSessionEventType | This is a subtype of AuditSessionEventType and is used for events generated from calling the ActivateSession service. |
| AuditCancelEventType | This is a subtype of AuditSessionEventType and is used for events generated from calling the Cancel service. |
| AuditCertificateDataMismatchEventType | This is a subtype of AuditCertificateEventType and is used only for categorization of certificate-related events. This type follows all attributes of its parent type. This audit event is generated in the following situations: if the host name in the URL used to connect to the server is not the same as one of the host names specified in the Certificate; if the application and software certificates contain an application or product URI that does not match the URL specified in the application description provided with the certificate. |
| AuditCertificateExpiredEventType | This is a subtype of AuditCertificateEventType and is used only for categorization of certificate-related events. This type follows all attributes of its parent type. This audit event is generated if the current time is not after the start of the validity period and before the end of the validity period. |
| AuditCertificateInvalidEventType | This is a subtype of AuditCertificateEventType and is used only for categorization of certificate-related events. This type follows all attributes of its parent type. This audit event is generated if the certificate structure is invalid or if the certificate has an invalid signature. |
| AuditCertificateUntrustedEventType | This is a subtype of AuditCertificateEventType and is used only for categorization of certificate-related events. This type follows all attributes of its parent type. This audit event is generated if the certificate is not trusted, that is, if the issuer certificate is unknown. |
| AuditCertificateMismatchEventType | This is a subtype of AuditCertificateEventType and is used only for categorization of certificate-related events. This type follows all attributes of its parent type. This audit event is generated if a certificate’s set of uses does not match the use requested for the certificate (that is, application, software, or CA). |
| AuditWriteUpdateEventType | This is a subtype of AuditUpdateEventType and is used for categorization of write update-related events. This type follows all attributes of its parent type. |
For more information on secure communication and digital certificates, see Secure
Communication and Digital Certificates on page 11. For procedures on managing certificates,
see the TriStation 1131 Developer’s Guide.
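A triage pass over the audit event types listed above, using the subtype relationships the table states so that one rule on a parent type catches all of its subtypes. This is an added example, not part of the guide: the event tuples, client names, allowlist, five-minute window and threshold of three are all constructed assumptions, and a real client would receive these events through an OPC UA event subscription.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import Deque, Dict, FrozenSet, List, Optional, Tuple

# Child -> parent, exactly as stated in the Audit Event Types table.
PARENT: Dict[str, str] = {
    "AuditOpenSecureChannelEventType": "AuditChannelEventType",
    "AuditCreateSessionEventType": "AuditSessionEventType",
    "AuditUrlMismatchEventType": "AuditCreateSessionEventType",
    "AuditActivateSessionEventType": "AuditSessionEventType",
    "AuditCancelEventType": "AuditSessionEventType",
    "AuditCertificateDataMismatchEventType": "AuditCertificateEventType",
    "AuditCertificateExpiredEventType": "AuditCertificateEventType",
    "AuditCertificateInvalidEventType": "AuditCertificateEventType",
    "AuditCertificateUntrustedEventType": "AuditCertificateEventType",
    "AuditCertificateMismatchEventType": "AuditCertificateEventType",
    "AuditWriteUpdateEventType": "AuditUpdateEventType",
}

Event = Tuple[datetime, str, str]  # (timestamp, event type, client), constructed


def is_a(event_type: Optional[str], ancestor: str) -> bool:
    """True if event_type equals ancestor or derives from it."""
    while event_type is not None:
        if event_type == ancestor:
            return True
        event_type = PARENT.get(event_type)
    return False


def triage(events: List[Event], allowed_writers: FrozenSet[str],
           window: timedelta = timedelta(minutes=5), threshold: int = 3):
    """Return (timestamp, client, alert code) tuples in time order."""
    alerts = []
    recent: Dict[str, Deque[datetime]] = defaultdict(deque)
    for ts, etype, client in sorted(events):
        if is_a(etype, "AuditCertificateEventType"):
            q = recent[client]
            q.append(ts)
            while ts - q[0] > window:
                q.popleft()
            if len(q) == threshold:  # fires once when the count is reached
                alerts.append((ts, client, "REPEATED_CERT_REJECTION"))
        elif is_a(etype, "AuditUrlMismatchEventType"):
            alerts.append((ts, client, "URL_MISMATCH"))
        elif is_a(etype, "AuditUpdateEventType") and client not in allowed_writers:
            alerts.append((ts, client, "UNEXPECTED_WRITE"))
    return alerts


T0 = datetime(2024, 1, 1, 8, 0, 0)  # constructed sample data below
EVENTS: List[Event] = [
    (T0, "AuditCreateSessionEventType", "hmi-01"),
    (T0 + timedelta(seconds=10), "AuditActivateSessionEventType", "hmi-01"),
    (T0 + timedelta(seconds=60), "AuditCertificateUntrustedEventType", "unknown-7"),
    (T0 + timedelta(seconds=90), "AuditCertificateUntrustedEventType", "unknown-7"),
    (T0 + timedelta(seconds=100), "AuditUrlMismatchEventType", "hmi-02"),
    (T0 + timedelta(seconds=120), "AuditCertificateExpiredEventType", "unknown-7"),
    (T0 + timedelta(minutes=30), "AuditCertificateInvalidEventType", "hmi-03"),
    (T0 + timedelta(minutes=31), "AuditWriteUpdateEventType", "hmi-01"),
    (T0 + timedelta(minutes=32), "AuditWriteUpdateEventType", "hmi-02"),
]

if __name__ == "__main__":
    for alert in triage(EVENTS, frozenset({"hmi-01"})):
        print(alert)
```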
Redundant Configuration
The embedded OPC UA Server can be configured for dual redundancy by using two CIMs. One
of the CIMs must be on the primary network and the other on the redundant network. You
configure properties for the primary and redundant CIMs by using TriStation 1131 software.
Note that the client is responsible for switching from the primary to the redundant OPC UA
Server.
For <IP address>, enter the IP address of the port on your CIM (NET 1 or NET 2) that is
configured for OPC UA communication. The default TCP port number used for OPC UA
communication is 4840. You will need to change the port number only if it has been changed to
something other than 4840 in your TriStation 1131 project.
Notes
• When you perform a Download All operation, the OPC UA Server terminates and will
restart after the control program finishes downloading. When the server terminates,
clients are disconnected and must be reconnected after the server restarts. Additionally,
it could take up to three minutes for the address space to be fully populated, even
though a client will be able to connect to the OPC UA Server as soon as it restarts.
• After you perform a Download Changes or Download All operation, new subscription
requests or monitored item requests to existing subscriptions will be refused while the
OPC UA Server is updating the address space.
• If a connected OPC UA client abnormally shuts down, the OPC UA Server will take the
amount of time specified by the client for “session timeout” to recognize that the
connection has been lost. During this time, you cannot connect another client if the
maximum of 10 clients had been connected when the OPC UA client abnormally shut
down. Note that the OPC UA Server will allow a maximum of 10 minutes for session
timeout.