Role-Based Security Management for Industrial Devices and Applications Based on OPC UA
Jouni Aro, Luukas Lusetti, Ismo Leszczynski
Prosys OPC

Prosys OPC
  Founded in 1995
  Global expert in OPC UA solutions and information modeling
  IT/OT integration
  Industrial Security
  An active member of the OPC Foundation and Open Industry 4.0 Alliance
  Espoo, Finland
  50+ countries
  1000+ customers

Our Product Family
  Developer Tools
  Simulation & Testing
  Integration & Visualization

Jouni Aro, MSc Tech
  Prosys OPC
  CTO 1996-
  OPC Product Development 1999-
  OPC Training 2003-
  Finnish Society of Automation
  OPC Committee 2003-
  OPC Committee, Chairman 2013-
  Speaker, Organizer, OPC Day Finland 2005-
  Member of the Board 2025-
  OPC Foundation, OPC UA Working Groups 2006-
  Technical Advisory Council, 2018-
  Speaker, OPC Day Europe 2016 & 2017
  Speaker, OPC North American Seminar Tour 2016 & 2017
  Speaker, OPC Day International 2022, 2024, 2025
  IEC
  IEC TC65/SC65E/WG8 (OPC UA), 2016-
  ISPE
  Pharma 4.0, 2020-

OPC UA (IEC 62541)
  Base Services: Read/Write/DataChange Events, Method Calls, HistoryRead
  Information Models: Data Access, Alarms & Conditions, Programs
  Devices & Machinery: Identification (Asset Management), Device Health (Condition Monitoring)
  Companion Specifications: Domain specific details
  Security: Confidentiality, Integrity, Availability, Authentication, Access Control, Auditing
  Transport options: UA TCP, PubSub MQTT UDP, REST

OPC UA Part 2, 6, 12, 18: Security
  Confidentiality & Integrity: Message Signing, Message Encryption
  Application Authentication: Application Instance Certificate
  User Authentication: Username/Password, User Certificate, Issued Identity Token
  Access Control: Role-Based (RBAC)
  Audit Logs

OPC UA Security
  Application Identities
  X.509 Certificates
  User Identities
  Roles
  Access Control
  Trust Lists
  Permissions

Access Control
  Identities are used to authenti