Skip to main content
SpringerLink
Log in

On the Feasibility and Performance of Secure OPC UA Communication with IIoT Devices

  • Conference paper
  • First Online:
Computer Safety, Reliability, and Security (SAFECOMP 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13414))

Included in the following conference series:

Abstract

OPC UA is an evolving communication protocol for industrial automation and the Industrial Internet of Things (IIoT). To protect against network attacks, OPC UA has built-in security mechanisms that can ensure the communication authenticity, integrity, and confidentiality. Since IIoT devices may be battery-powered, built into tiny chassis, or operate in hazardous environments, OPC UA must be suited for resource-constrained devices with limited power consumption and computational resources. However, secure OPC UA communication with such resource-constrained devices has not been investigated so far. This practical experience report analyzes the feasibility and performance of secure OPC UA communication with IIoT devices. To this end, an OPC UA server is implemented on an exemplifying resource-constrained industrial device. The implementation process presented several challenges, including adapting a lightweight cryptographic library to the peculiarities of OPC UA. To investigate under which conditions secure OPC UA communication is realizable, the runtime overhead, memory footprint, and power consumption are evaluated and discussed for various usage scenarios. The evaluation reveals certain bottlenecks, such as long connection times, low number of parallel sessions, limited concurrency, and high memory demands. Based on the evaluation, recommendations on the software, hardware, and usage scenarios are given.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    See “Asynchronous Crypto and PKI APIs” in [20]

References

  1. ARM Limited: Mbed TLS (previously PolarSSL) (2022). https://tls.mbed.org/

  2. Burger, A., Koziolek, H., Rückert, J., Platenius-Mohr, M., Stomberg, G.: Bottleneck identification and performance modeling of OPC UA communication models. In: ACM/SPEC International Conference on Performance Engineering (2019)

    Google Scholar 

  3. Cavalieri, S., Cutuli, G.: Performance evaluation of OPC UA. In: 2010 IEEE 15th conference on emerging technologies & factory automation (ETFA). IEEE (2010)

    Google Scholar 

  4. Cenedese, A., Frodella, M., Tramarin, F., Vitturi, S.: Comparative assessment of different OPC UA open-source stacks for embedded systems. In: 2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), pp. 1127–1134. IEEE (2019)

    Google Scholar 

  5. Cho, H., Jeong, J.: Implementation and performance analysis of power and cost-reduced OPC UA gateway for industrial IoT platforms. In: 2018 28th International Telecommunication Networks and Applications Conference (ITNAC). IEEE (2018)

    Google Scholar 

  6. Federal Office for Information Security (BSI): OPC UA Security Analysis. Germany, Bonn, Germany, April 2017

    Google Scholar 

  7. Grüner, S., Pfrommer, J., Palm, F.: Restful industrial communication with OPC UA. IEEE Trans. Ind. Inform. 12(5), 1832–1841 (2016)

    Article  Google Scholar 

  8. International Electrotechnical Commission (IEC): IEC TR 62541 (2016)

    Google Scholar 

  9. International Electrotechnical Commission (IEC): IEC 62443 (2018)

    Google Scholar 

  10. International Electrotechnical Commission (IEC): IEC 60079-47 Explosive atmospheres - Part 47: Equipment protection by 2-Wire Intrinsically Safe Ethernet concept (2-WISE) (2021)

    Google Scholar 

  11. Kiviharju, M.: On the fog of RSA key lengths: verifying public key cryptography strength recommendations. In: 2017 International Conference on Military Communications and Information Systems (ICMCIS), pp. 1–8. IEEE (2017)

    Google Scholar 

  12. Kohnhäuser, F., Meier, D., Patzer, F., Finster, S.: On the security of IIoT deployments: an investigation of secure provisioning solutions for OPC UA. IEEE Access 9, 99299–99311 (2021)

    Article  Google Scholar 

  13. Lasi, H., Fettke, P., Kemper, H.-G., Feld, T., Hoffmann, M.: Industry 4.0. Bus. Inf. Syst. Eng. 6(4), 239–242 (2014). https://doi.org/10.1007/s12599-014-0334-4

    Article  Google Scholar 

  14. Morato, A., Vitturi, S., Tramarin, F., Cenedese, A.: Assessment of different OPC UA implementations for industrial IoT-based measurement applications. IEEE Trans. Instrum. Measur. 70, 1–11 (2020)

    Article  Google Scholar 

  15. Mühlbauer, N., Kirdan, E., Pahl, M.O., Carle, G.: Open-source OPC UA security and scalability. In: 2020 25th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), vol. 1, pp. 262–269. IEEE (2020)

    Google Scholar 

  16. OPC Foundation: OPC 10000-2 Unified Architecture Part 2 Security Model (2015)

    Google Scholar 

  17. OPC Foundation: OPC 10001-4 Unified Architecture Amendment 4 ECC (2020)

    Google Scholar 

  18. Pfrommer, J., Ebner, A., Ravikumar, S., Karunakaran, B.: Open source OPC UA PubSub over TSN for realtime industrial communication. In: 2018 IEEE 23rd International Conference on Emerging Technologies and Factory Automation (ETFA), vol. 1, pp. 1087–1090. IEEE (2018)

    Google Scholar 

  19. Profanter, S., Tekat, A., Dorofeev, K., Rickert, M., Knoll, A.: OPC UA versus ROS, DDS, and MQTT: performance evaluation of industry 4.0 protocols. In: 2019 IEEE International Conference on Industrial Technology (ICIT), pp. 955–962. IEEE (2019)

    Google Scholar 

  20. Unified Automation: High Performance OPC UA Server SDK (2022). https://unified-automation.com/products/server-sdk/highperf-ua-server-sdk.html

  21. Unified Automation: UaExpert - A Full-Featured OPC UA Client (2022). https://unified-automation.com/products/development-tools/uaexpert.html

  22. Vázquez, F.G.: Test platform for the performance evaluation of opc-ua servers for fast data transfer between intelligent equipment. In: The fourth international conference on intelligent systems and applications. p. 193 (2015)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. ABB Corporate Research Center, 68526, Ladenburg, Germany

    Florian Kohnhäuser, Nicolas Coppik & Francisco Mendoza

  2. Department of Informatics, Technical University of Munich, Munich, Germany

    Ankita Kumari

Authors
  1. Florian Kohnhäuser
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Nicolas Coppik
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Francisco Mendoza
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ankita Kumari
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Florian Kohnhäuser .

Editor information

Editors and Affiliations

  1. Fraunhofer IKS, Munich, Germany

    Mario Trapp

  2. University of Erlangen-Nuremberg, Erlangen, Germany

    Francesca Saglietti

  3. University of Erlangen-Nuremberg, Erlangen, Germany

    Marc Spisländer

  4. Thales Deutschland GmbH, Ditzingen, Germany

    Friedemann Bitsch

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kohnhäuser, F., Coppik, N., Mendoza, F., Kumari, A. (2022). On the Feasibility and Performance of Secure OPC UA Communication with IIoT Devices. In: Trapp, M., Saglietti, F., Spisländer, M., Bitsch, F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2022. Lecture Notes in Computer Science, vol 13414. Springer, Cham. https://doi.org/10.1007/978-3-031-14835-4_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-14835-4_13

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-14834-7

  • Online ISBN: 978-3-031-14835-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation