OPC UA – The Security Solution for the Internet of Things

The Dangers of Putting Devices on the Internet

The Internet of Things (IoT) is a vision of a world where billions of smart devices collaborate with each other across the Internet. The potential applications are numerous, however, so are the risks since devices exposed to the Internet can and will be hacked. To mitigate these risks many factory operators are turning to brokers that support protocols such as MQTT or AMQP. These protocols allow devices to be kept secure behind a firewall but still be able to communicate with peer devices and cloud-based applications. Unfortunately, these solutions require that the factory operators send potentially sensitive information via a broker managed by a third-party provider. This is not acceptable for many applications. Fortunately, OPC UA has an end-to-end security solution that ensures privacy and integrity of data sent via a broker.

Enhancing OPC UA with Publish-Subscribe

OPC UA PubSub is an extension to the popular OPC UA protocol which allows applications publish messages to multiple subscribers via middleware, such as an MQTT broker. OPC UA PubSub messages can be formatted in XML, JSON, or efficient OPC UA Binary. When using the latter, publishers can encrypt and digitally sign messages before they are sent to a broker which ensures that no one other than the intended recipient will be able to read or modify the messages. This protects the publisher’s data even if the broker stores in message on disk while it is waiting for delivery.

Making it all work by Sharing Keys

Publishers and subscribers need to share keys before they can communicate securely. This is done by using the special OPC UA server called a “Security Key Service” (SKS). Applications that need keys provide their credentials securely to the SKS using an OPC UA client-server protocol. The SKS determines whether they have access to the keys requested and returns one or more keys. Multiple keys are needed because they change regularly. This ensures that, if necessary, applications can be removed from the system within a reasonable time.

Security is great but what about metadata?

The rich OPC UA information model allows applications to represent their systems using terms and constructs that match the application domain. This information model is an important part of OPC UA PubSub too because it provides the framework used to describe the contents of messages sent to broker. The OPC UA PubSub specification defines mechanisms for notifying subscribers that the structure of the messages has changed and allow publisher to send the new metadata in or out of band. Other solutions expect subscribers to handle known message contents or rely on ad hoc rules to parse JSON or XML.

The Way Forward

Any factory operator looking to leverage the IoT will benefit from the security toolbox provided by OPC UA that helps ensure privacy and integrity when data flows throw systems managed by third parties. The toolbox becomes second to none when combined with the OPC UA information modelling framework and the wide adoption with many off the shelf OPC products.

Randy Armstrong
OPC UA Security WG Chair
Sparhawk Software