Creating an OPC UA Connection

Before you can use Open Platform Communications Unified Architecture (OPC UA) for data connectivity in GENESIS, you need to set up a connection between your OPC UA server and your FrameWorX server.

For more details on OPC and OPC UA protocols, refer to OPC Introduction and Getting the OPC UA Server URL.

To establish a connection between GENESIS and an OPC UA Server, you need the following prerequisites:

  • An OPC UA server with an open network port or on the same machine as GENESIS is installed and running. We recommend using a certificate for secure communication.

  • The OPC UA application is included in your GENESIS project in the Workbench. For more information on managing applications in your project, refer to Application(s) Settings Overview
  • The ICONICS OPC UA Point Manager service is running.

To create an OPC UA connection in Workbench:

  1. Open Workbench and in Project Explorer, expand your project > Data Connectivity > OPC UA.

    Workbench - Expand Connections

  2. Double click OPC UA Connections and in the Connections pane of the OPC UA Connections dialog, select Click here to add new item.

    Workbench - Tab OPC UA Connections

  3. In Connection Settings in Name, enter a unique name of the OPC connection.
  4. In Server URL, enter the URL that consists of the following elements:

    • Protocol, which is opc.tcp.
    • Domain name, such as myopcserver.mycompanydomain.com. If the OPC UA Server runs on the same machine, use localhost.
    • Port number that was set up in the OPC UA server configuration properties. In the example, it is 52250.

      The port 52250 is specific to DeviceXPlorer OPC Server.

    Example:

    opc.tcp://localhost:52250/

    It represents the local instance of DeviceXPlorer OPC Server listening on port 52250.

  5. Configure the following settings:

    • Fallback To: Defines what happens in case the preferred endpoint is not found—whether the connection should use the most secured or the least secured (or unsecured) endpoint. For the production environment, select Fallback to the maximum security available.
    • Disable Domain Check: When unselected, the domain name contained in the server certificate must match the domain name in the Server URL parameter. Selecting the check box disables this test; although it is less secure, it may be the only option in case the server certificate contains a domain, such as mycompany.com, while the Server URL contains the IP address of the server.
    • Browsing Mode: Specifies how the point names for the given server should be constructed, whether they should be based on the node IDs, or on the browse paths.

      • Always Node ID: The point names will contain node IDs, which directly identify the objects in the server. It is the recommended option as it is fast and reliable. However, the node IDs are not guaranteed to be human-readable (this depends on the server implementation).
      • Always Browse Path: The point names will be based on the browse path, which defines how to get to the given object. The browse paths are hierarchical and human-readable but they must be translated to node IDs before you can use them, which may be a lengthy operation for many servers.
      • String Node ID, otherwise Browse Paths: A combination of the two options above. The node ID is used in case it is in a text format, otherwise the browse path is used.
    • Authentication Mode: Defines how the UA server authenticates a user. This is server-dependent; user support is optional. For DeviceXPlorer OPC Server, you can leave it as Anonymous.
      • Anonymous: There is no user support or no user should be logged in.
      • Username and Password: Users are authenticated by their credentials.
      • Certificate: Users are authenticated by their certificate.

        This is a different certificate than the one for communication encryption. This certificate identifies the actual user as a person.
  6. In Prefered Endpoint, click next to the field, and then select the desired OPC UA endpoint from the drop-down list. Sign And Encrypt - Basic256Sha256 - UA-TCP-SC UA-Binary (52250). The endpoint must match the configuration of the OPC Server (in this case, Sign And Encrypt - Basic256Sha256 - UA-TCP-SC UA-Binary (52250)).

    Workbench - OPC UA endpoints

  7. Click Test Connection. When the Success message is displayed, click OK, and then click Apply.

    OPC UA - Successful Test Connection

  8. In the right pane in Data Browser, expand Data Connectivity > OPC UA > My OPC UA Connection to see the new connection.

    OPC UA - Connection Working on Data Browser