The Federal Office for Information Security ( BSI ) has updated the «Security Analysis for OPC UA ( Open Platform Communications – Unified Architecture )». The BSI study provides an assessment of the specified and implemented security functions of OPC UA . This is a uniform and globally recognized industrial protocol that provides the necessary cryptographic mechanisms for secure factory and process automation. It is also a central building block for Industry 4.0.
The comprehensive analysis of the security functions in the specification of OPC UA has confirmed that OPC UA does not contain any systematic security gaps. In addition, a selected reference implementation of the OPC Foundation was checked with regard to the implementation of these security functionalities.
The study was carried out on behalf of the BSI under the leadership of the Fraunhofer Institute for Optronics, Systems Engineering and Image Exploitation (IOSB) with the support of the Fraunhofer Institutes for Design Technology Mechatronics (IEM) and Communication, Information Processing and Ergonomics (FKIE).
The study offers companies in the field of industrial automation an overview of the security functions of the OPC UA protocol . It supports the wide use of safety functions and thus contributes to greater safety in industrial control systems.