OPC Foundation

OPC Foundation publishes Recommendations for Secure Configuration and Operation of OPC UA

Press Releases | By OPC Foundation | 13 December 2017
The workgroup led by Uwe Pohlmann, Fraunhofer IEM, presents guidelines for the use and secure configuration of OPC UA. The workgroup led by Uwe Pohlmann, Fraunhofer IEM, presents guidelines for the use and secure configuration of OPC UA. Photo: OPC Foundation

How to realize secure data exchange and communication in industry? The OPC Foundation Security User Group answers this question by publishing its first whitepaper “Practical Security Recommendations”.

Rapid growth in the networking and digitization of industrial systems has introduced a host of new security challenges that must be addressed systematically to be effectively mitigated. In particular, beyond the need for implementing secure network infrastructures, it is essential to protect product and production data moving throughout the systems.

Device vendors, engineers, and system integrators need to ensure they use these technologies in a secure way. While industry acknowledges the need for data security and that the OPC UA standard offers the means to do so – OT and IT professionals alike are often unsure on how to best get started.

“Currently, users and developers are overwhelmed with making security decisions during their daily job. Incorrect use of security features causes many security vulnerabilities, due to difficulties to use software and a lack of security knowledge. Documentation, tutorials, and good examples are often missing”, says Prof. Dr. Eric Bodden, professor of Software Engineering at Paderborn University and director of Software Engineering at Fraunhofer IEM.

To help address this challenge, the OPC Foundation established a security user group which is led by Uwe Pohlmann, Fraunhofer IEM and Prof. Dr.-Ing. Axel Sikora, Hochschule Offenburg. The aim of this group is to develop best practices and guidelines for typical OPC UA security use cases.

The German government sanctioned Intelligent Technical Systems OstWestfalenLippe (it’s OWL) organization supplied the group with key use cases and requirements to help ensure output from the group best addresses users’ real-world orientation and practical knowledge needs.

Members of the Security User Group are: Ascolab, Beckhoff Automation, DS Interoperability, exceet Secure Solutions, Fraunhofer IEM, Hochschule Offenburg, Microsoft Corporation, Software AG, Sparhawk Software Inc, and TE Connectivity.

The document is available via the OPC Foundation website.

A second whitepaper presenting best practices and selected use cases for a secure implementation and operation of OPC UA is expected to be released in 2018.

Last modified on Wednesday, 13 December 2017 09:07
RFID & Wireless IoT tomorrow 2019
RFID and Wireless IoT tomorrow 2019Europe's largest congress for RFID & Wireless IoT
October 29. - 30. 2019
Darmstadtium, Darmstadt near Frankfurt, Europe
Conference | Exhibition | Live demos
We look forward to meet you!