This part of IEC 62541 describes the OPC Unified Architecture (OPC UA) security model. It
describes the security threats of the physical, hardware and software environments in which
OPC UA is expected to run. It describes how OPC UA relies upon other standards for
security. It gives an overview of the security features that are specified in other parts of the
OPC UA specification. It references services, mappings, and profiles that are specified
normatively in other parts of this series of standards.
Note that there are many different aspects of security that have to be addressed when
developing applications. However since OPC UA specifies a communication protocol, the
focus is on securing the data exchanged between applications.
This does not mean that an application developer can ignore the other aspects of security like
protecting persistent data against tampering. It is important that the developer look into all
aspects of security and decide how they can be addressed in the application.
This part of IEC 62541 is directed to readers who will develop OPC UA client or server
applications or implement the OPC UA services layer.
It is assumed that the reader is familiar with Web Services and XML/SOAP. Information on
these technologies can be found in SOAP Part 1 and SOAP Part 2.