PRTG: the all-in-one monitoring solution for IT/OT environments
In the context of a converged IT (information technology) and OT (operational technology) setup, OPC UA data can also be used to enhance the overall capabilities of an all-in-one monitoring system like PRTG.
OPC UA is a platform-independent communication framework that runs on any software platform like Windows, Linux, macOS, or Android. From simple, embedded controllers to massive cloud infrastructure. It is equally suited for use on premises, inside a closed network or to establish connectivity to a cloud platform via the internet. Security is baked into the protocol for access control, authentication, and encryption. Because of its flexibility, OPC UA has been widely adopted in industries like automotive, food and beverage, oil and gas, energy and utilities, packaging, and building automation. PRTG offers these built-in OPC UA sensors:
OPC UA Certificate sensor
OPC UA Custom sensor
OPC UA Server Status sensor
Beckhoff IPC System Health sensor
Get an overview of OT network components in your supervisory and control systems
You want the FULL overview of your OT environment in your supervisory and control systems – including the network components like routers, switches, firewalls, and more. Paessler PRTG OPC UA Server brings monitoring data from your OT network and the IIoT into your control overview to give you centralized monitoring and alarms. See everything in one place.
The advantages of device monitoring using OPC UA with PRTG
The ability of PRTG Network Monitor to monitor devices using OPC UA, Modbus, MQTT and more means that it is
an all-in-one monitoring solution that can combine the IT and OT worlds in one single overview.
Easy OT monitoring
Monitoring does not have to be complicated. With the OPC UA sensors included in PRTG, you can monitor your OT devices without much configuration effort by providing a user-centric GUI to simply add devices, define notifications and create fully customized dashboards. This way, you easily get an overview of your whole plant!
In industrial IT environments, many OT devices cannot be monitored with traditional IT monitoring methods or protocols. However, these two worlds are becoming more and more convergent. PRTG combines these two worlds giving you over 20 years of IT monitoring experience and widely used industry protocols like OPC UA, Modbus, and MQTT.
When monitoring OT components, one of the most important goals is predictive maintenance. Prevent malfunctions and failures to avoid that production lines stop and high costs are incurred. OPC UA monitoring with PRTG reliably informs you about the state of the various components of your production line.
Want to know in detail, what OPC UA is? Read on!
OPC UA stands for OPC Unified Architecture. It is an extensible, platform-independent standard that enables the secure exchange of information in industrial systems. In 2008, OPC UA was released by the Open Platform Communications (OPC) Foundation, which regulates and maintains the interoperability standard, protocols, and specifications for data communication, mainly in industrial automation operations.
OPC UA is compatible with Windows, macOS, Android, and Linux. It can also be used in embedded systems and bare-metal systems, which do not use an operating system. OPC UA works on PCs, cloud-based infrastructures, PLCs, micro-controllers, and cyber physical systems (CPS).
The goal of OPC UA is to enhance interoperability between hardware devices, and enterprise planning and automation software by providing a framework for industrial companies to converge disparate technologies.
OPC Classic, the predecessor of OPC UA, relies on Microsoft technologies while OPC UA is platform independent.
OPC Classic does not have built-in security for access control, authentication, and encryption. OPC UA enables data encryption at the data source, ensuring secure transmission without relying on network firewalls at the system’s core. This means security is ensured from the start of the data’s transmission, instead of being confirmed only when it reaches a network’s firewall. OPC UA implements cross-platform security based on the public key infrastructure (PKI) using industry standard x.509 digital certificates.
In contrast to OPC UA, OPC Classic does not support dynamic information modeling, which allows manufacturers to define custom data models depending on the requirements of their industry.
In OPC UA, OPC Classic specifications provide functional modules that can be queried ad hoc. These specifications are OPC DA (Data Access), OPC AE (Alarms and Events), OPC Security, OPC Batch, OPC Command, OPC XML, OPC Data Exchange (DX), and OPC HAD (History Access Data). They are usually referred to collectively as OPC Classic or simply OPC. In OPC UA, they are called profiles. For example, the OPC DA standard is an OPC UA DA profile.
These profiles make up a layer that lies on top of the base layer of OPC UA, which runs common services. All OPC UA profiles use the same common code base whereas, in an OPC Classic setup, each standard has its own code base, which creates duplications in systems where more than one OPC Classic specification is implemented.
Using models, OPC UA specifies basic rules for exposing data to any application or device that wants to consume it. OPC UA itself is an information-centric data model. It comprises a generic object model with an extensible type system with built-in models for data access. These built-in models specify functions such as alarms and events information, information about historic data, data access details, device descriptions, and to execute programs.
Data can also be accessed through custom models, which are referred to as companion models. These are used in different industries like injection molding machine manufacturing or robotics engineering.
Data flow and connections
OPC UA supports communication between components on five levels in industrial organizations: enterprise, management, operations, control, and field (vendor-specific devices).
Devices expose their data through OPC UA, which enables the transport of this information over a network to a consuming application using standard web services. Data is transported using IP-based protocols and SOAP whereby low-end servers may use UA TCP. Using standard SOAP web services over HTTP allows non-OPC UA clients to request data published by an OPC UA server.
Bridging and gateway software known as OPC UA wrappers enable the flow of data on vendor-specific hardware between OPC UA levels. OPC UA wrappers can also be used to migrate from OPC Classic to OPC UA, or when an OPC server supports UA but an OPC client does not.
Service-oriented architecture (SOA)
OPC UA is based on the SOA client-server communication framework. In OPC UA, there are OPC UA servers and OPC UA clients.
An OPC UA server provides an OPC UA client with applications and control systems, for example MES and SCADA, and with secure access to industrial automation data using OPC UA information models that specify the way data is organized, stored, and collected. The term OPC UA server refers to the OPC UA software standard on the machine, not the hardware itself, which could be a virtual server.
An OPC UA client is a client that can support an OPC UA information model. OPC UA clients request data from and write data to components in a system via OPC UA servers.
SOA systems like OPC UA integrate disparate applications over a network and connect devices on different network nodes.
A node is the basic unit of data in the OPC UA address space, which provides a standard way for OPC UA servers to represent objects to OPC UA clients. Nodes are pieces of information (for example, a unique temperature) and consist of attributes, the actual data value, and one or more references to other nodes, each in its own address space. A unique temperature will therefore take up multiple addresses in an address space.
Nodes are referenced by a unique node ID: a namespace URI (unique resource identifier), a data type, and the identifier itself. Each node belongs to a specific namespace. The namespace URI is located in a separate namespace table on the OPC UA server. The namespace table stores separate URIs for information models used by individual organizations that have their own requirements for how data should look and behave. This allows OPC UA to extend its services without changing the underlying design of the standard.
In OPC UA, nodes have multiple classes that enable the creation of variants on the basic node. There are eight core node classes in OPC UA, including objects (physical entities), methods (functions that store data when queried), and variables (actual data).
Object node classes in OPC UA are the key to how it can create complex data and distinguish between similar but different entities, for example a temperature sensor for an air conditioner and a temperature sensor for a boiler.
The OPC UA standard itself does not do anything. The standard is a collection of specifications (OPC UA protocols) that define guidelines for communication between servers and clients, including rules for different functions and data structures.
OPC UA has the following specifications: Overview and Concepts, Security Model, Address Space Model, Services, Information Model, Mappings, Profiles, Data Access, Alarms and Conditions, Programs, Historical Access, Discovery and Global Services, Aggregates, PubSub, Safety, and Alias Names. Each specification was designed to address a common problem in industrial systems’ communication networks.
For example, the Alarms and Conditions specification provides a solution to the challenge of standardizing how event and alarm information is pushed from field devices to applications. The Historical Access specification addresses the challenge of standardizing how historical data is accessed in auditing processes. The Programs specification includes information on how developers should handle return codes in their code, among others.
OPC UA is used in industrial systems, for example oil and gas, agriculture, medical and pharmaceutical, critical services like electricity grids and sewerage treatment plants, and IoT systems like smart city applications.
Common OPC UA applications include device diagnostics, asset management, production management, quality control, data acquisition, enterprise reporting, data security, data integration for GUI interfaces, remote worker support, and event monitoring.
Real-world examples include monitoring the uptime of security cameras, sending out alerts for malfunctioning sensors, controlling office temperatures, remotely managing automated machines, estimating workloads, linking embedded devices, and supporting remote workers.
OPC UA also supports the industrial internet of things (IIoT). For example, OPC UA may be used to push data from embedded devices like temperature sensors to the cloud, for example to analyze usage and equipment efficiency.
OPC UA’s use of objects to retrieve data provides an efficient way for systems to retrieve small amounts of context-specific information for remote workers as they need it for a specific task. Alternatively, objects may be queried to view all the data for an entire plant’s operations, for example to create graphical user interfaces for ERP systems, resource allocation applications, and accounting systems.
Where synchronization is needed between devices at remote locations, and resource planning and manufacturing control systems, OPC UA enables vertical data exchange between heterogeneous drivers and high-level applications.
OPC UA strengthens industrial security applications. OPC UA events management protocols may automatically shut down a plant in the event of a cyberattack on field devices, and isolate affected networks or allow limited access to specific networks, enabling business continuity while the attack is investigated.
Historically, the automation pyramid in industrial systems is a hierarchical structure that describes the flow of information from low-level devices like controllers, sensors, or meters to high-level ERP applications. In the opposite direction is a control flow, from high-level ERP applications to low-level devices. Low-level components are connected via MES networks through PLC and HMIs.
OPC UA does away with this pyramid structure by decentralizing system components and facilitating the use of more flexible data modeling structures in a mesh network. OPC UA achieves this by defining consistent data structures that all components use, for example an ERP application and a field sensor can both use the same information model.
OPC UA enables business intelligence applications to source raw data from a wide range of real-time, event, and historical data sources.
Historically, industrial systems ran on Windows-based software. OPC UA is platform agnostic; industrial systems can integrate software from any vendor, using any operating system. OPC UA can be implemented on embedded systems and in the cloud.
OPC UA is future proof. It enables organizations to develop scalable SCADA systems so that existing plant equipment can integrate with new software modules without additional configuration. An example of this is in the gas and oil industry, where data from calibration, metering, and flow meter sensors can be gathered remotely, freeing up site inspectors from physically checking the installation.
OPC UA has plug-and-play capability. When new remote plants are added to an organization or new suppliers are commissioned, OPC UA can automatically discover their networks, configure them, and integrate them into the company network.
OPC UA interoperability allows end users to build custom industrial systems using devices and software from different vendors.
Some proprietary software manufacturers have reported device-specific limitations, for example between an OPC UA server and General Electric's iFIX, and HMI/SCADA components used in the company's software automation products. These limitations include a lack of support for specific features like Electronic Signature, Enhanced Failover, and historical data sources.
In the real world, OPC UA typically manages the exchange of data between MES and SCADA information systems and between low-level devices. It is ideally suited to system monitoring and reporting. Despite being designed to manage interoperability between heterogeneous devices, it has been criticized as being inflexible when handling varied data structures from different vendors, and complicated to implement.
In the sphere of industrial manufacturing, the terms Industry 4.0 and the Fourth Industrial Revolution are used interchangeably to refer to the trend of increased automation, with a focus on device interconnectivity, machine learning, and the Internet of Things among others.
The primary features of OPC UA, which are built-in security, information modeling capability, automated device discovery, scalability, use of semantic data, and protocol standardization, address the requirements for Industry 4.0 compliance.
One of the main challenges for Industry 4.0 in manufacturing is the collection of real-time data from low-level devices. OPC UA allows an industrial organization to embed an OPC UA server in all its devices. This means that vast amounts of real-time data can be routed to control systems and enterprise-level applications to analyze, sort, and exchange with disparate consuming applications.
Various working groups internationally contribute to making OPC UA the communications standard for Industry 4.0 products and services in specific industries.
One such working group is the ADI (Analyzer Devices) information modeling working group. ADI is sponsored by the OPC Foundation and it is made up of end users and vendors in the chemical and pharmaceutical industries. Another group is the OPC UA Tobacco Machine Communication working group that works to implement interoperable factory equipment for cigarette manufacturing.
To be classified as Industry 4.0 compatible by the OPC Foundation, a product must conform to the OPC UA standard, either by using integrated OPC UA or by using gateway software.
IT/OT convergence with PRTG Network Monitor
PRTG Network Monitor is an excellent IT monitoring solution that combines a wide scope of features with great usability and maximum flexibility. In addition to out-of-the-box support for all common IT standards, PRTG provides a RESTful API as well as OPC UA, MQTT, and Modbus support for easy plant integration. In addition, PRTG supports monitoring for IoT devices, environmental metrics, and other IT equipment and applications that do not use common standards.
OPC UA – how does it work?
OPC UA enables access to machines, devices, and other systems
- OPC UA server: The OPC UA server is the basis of OPC communication. It is a software program that implements the OPC standard and thus provides the standardized OPC UA interfaces to the outside world. The proprietary communication protocol for the manufacturer's control is implemented inside. OPC UA servers are provided by various parties.
- OPC UA client: The OPC UA client is the logical counterpart to the OPC UA server. The OPC UA client can be connected to the OPC UA server and read out the data provided by the server. Since the OPC UA servers implement the specified interfaces of the OPC UA standard, each client can access any OPC UA server and exchange data with the server in the same way.
What is OPC UA?
OPC UA (short for Open Platform Communications Unified Architecture) is a data exchange standard for industrial communication (machine-to-machine or PC-to-machine communication). The open interface standard is independent of the manufacturer or system supplier of the application, the programming language in which the respective software was programmed and the operating system on which the application works.
We are an OPC Foundation Member and therefore at the forefront of implementing the latest standards in industrial IT
Paessler is a registered OPC Foundation member, an industrial consortium that creates and maintains standards for open connectivity of industrial automation devices and systems. By being part of the community, Paessler is at the forefront of implementing the latest standards in industrial IT and provides its customers with the latest data insights into OT and IT.
Get your free white papers
The OPC UA sensors and what they monitor
How PRTG defines sensors
In PRTG, “sensors” are the basic monitoring elements. One sensor usually monitors one measured value in your network, e.g. the traffic of a switch port, the CPU load of a server, the free space of a disk drive. On average you need about 5-10 sensors per device or one sensor per switch port.
OPC UA Server Status sensor
The OPC UA Server Status sensor monitors status, uptime, and diagnostic information of your OPC UA server. With this new sensor type, you can ensure your devices are available via OPC UA and that your production processes run flawlessly.
OPC UA Custom sensor
The OPC UA Custom sensor monitors up to five numeric values returned by specific OPC UA node IDs. With this sensor type, you can retrieve information such as the PLC state, when a battery needs to be replaced, device failure, and system-specific error states.
OPC UA Certificate sensor
The OPC UA Certificate sensor monitors the certificate of an OPC UA server and helps you to ensure a secure and consistent communication between the machines in your shop floor.
OPC UA Notifications
Beckhoff IPC System Health sensor
The Beckhoff IPC System Health sensor monitors the system health of a Beckhoff Industrial PC (IPC) via OPC UA.
Create innovative solutions with Paessler’s partners
Partnering with innovative vendors, Paessler unleashes synergies to create
new and additional benefits for joined customers.
Keep industrial monitoring
professional with PRTG
IIoT, Industry 4.0, M2M – the digitalization of production is currently taking place and has become a decisive factor in remaining competitive in a global market. Historically separated production facilities and machines require access to the internet for logistics, predictive maintenance, and customer-specific production. These requirements call for integrated communication, which is only possible with traditional IT. IT/OT convergence, the fusion of production and classic IT, is the result. It is essential for preventing risks, eliminating obstacles, and implementing new processes.
Get more industry-specific
OPC UA monitoring is great but would you like to discover more about industrial IT monitoring?
Then be sure to check out our blog posts and web pages.
How exactly can smart gateways be used to get OT data into an IT monitoring concept? Let’s examine one possible solution by looking at an example with INSYS icom gateways and the new MQTT Subscribe Custom sensor of PRTG Network Monitor.