Skip to main content
Version: 5.5

Copy of OPC-UA Client Plug-in Duplicate

Quickstart Tab

The Quickstart tab allows for a quick and straightforward configuration of the basic connection parameters required to connect to an OPC-UA server. The key fields include:

  • Name: A user-defined identifier for the connection, such as "KepServer" or "Aveva".
  • Endpoint: The server endpoint URL (e.g., opc.tcp://aveva:48033 or opc.tcp://KepServer002.mshome.net:49320, or an IP address). This field defines where the client should connect.
note

Note: If encryption is used, the endpoint must be specified exactly as it is stored in the server's certificate. For example, if the certificate contains "Server.domain.local", the endpoint must also be addressed in this way, and not, for example, via the IP. Otherwise, the certificate will be rejected by the OPC server.

  • Accesspath: An optional field to specify an access path for the connection.
warning

Important: When specifying an Access Path, only data points in the selected folder are displayed in the Tag Browser. You can use the button next to the Access Path to open the Tag Browser and select the folder. The Access Path can only be set if the "Browse Path" function is used for item identification.

  • Timeout (ms): Specifies the connection timeout in milliseconds. For example, 15000 ms allows the client 15 seconds to establish a connection.
  • Highest Security Level: An option to enforce the highest level of security, ensuring that the connection is secured with the best available methods.
  • Authentication: The type of user authentication used. The options are "Anonymous", "Username", or "Certificate".
tip

Click Test Connection to verify the connection parameters before proceeding.

Connection Tab

The Connection tab provides additional details about how the client connects to the server. This includes specifying advanced connection paths or additional configuration details that may not be covered in the Quickstart tab.

Security Tab

The Security tab helps ensure the integrity and safety of the connection by defining and validating trusted certificates:

  • Trusted Certificates: Specifies which certificates are trusted. You can import trusted (root) or trusted certificates in the OPC Router settings, or use the Windows/System certificate store to import the Root/Server certificate.
  • Certificate Validation: Ensures that certificates are verified to add an extra layer of security.
  • Validate Server Application URI: Validates the server's application URI to ensure correct identity verification.
  • Highest Security Level: This checkbox ensures that the connection uses the best available security measures.
  • Client Certificate: Select or create a certificate for the OPC Router to identify itself against the server. If you want to import an existing certificate, you can do this in the OPC Router settings under the Certificate section.
    • Use the plus sign to add a new certificate, and the minus sign to remove one. Another button allows you to display the properties of an existing certificate.

Redundancy Tab

note

Note: If you want to use the function to read data from a redundancy server, you need the Enterprise license.

The Redundancy tab allows you to configure redundancy settings to ensure a continuous connection:

  • Redundant Server: The OPC Router can connect to redundant OPC UA servers. This involves specifying an additional server. It is assumed that the node structure and authentication are identical on both servers.
  • Endpoint and Heartbeat Item: Define the redundant server endpoint and specify a heartbeat item to determine which of the servers is active. If this item has a BadQuality or False value, the other server is assumed to be active.
    • Activate Redundancy: Activate redundancy settings if the primary server cannot be reached, or if the heartbeat item indicates an issue.
    • Use the Check connection button to verify data connections in advance.

Subscription Tab

The Subscription tab contains settings that define the behavior of subscriptions:

  • Keep Alive Count and Retry: Specifies how often the server should send keep-alive messages and the number of retries before disconnection.
  • Lifetime Count: Defines how long a subscription remains active without receiving updates.
  • Priority: Sets the priority level of the subscription.
  • Subscription Publish Interval: Sets the interval at which the server publishes data changes.
  • Subscription Minimum Lifetime Interval: Sets the minimum subscription lifetime interval.
  • Register OPC Tags on Start: Automatically registers OPC tags at startup.
  • Enable Parallel Subscription Registration: Enables more efficient subscription handling.

Browse Tab

The Browse tab configures how the client interacts with the server's address space:

  • Continue Browse Until Done: Ensures that browsing continues until all nodes are retrieved.
  • Disable Browse Has Children: Disables additional checks for nodes with children.
  • Max Browse Continuation Points Override: Sets the maximum continuation points for browsing.
  • Max Browse References Returned: Limits the number of references returned per browse operation.
  • Max Nodes Per Browse Override: Sets the maximum number of nodes per browse operation.
  • Max Nodes Per Translate Browse Path Override: Limits the number of nodes for translating browse paths.

Read Tab

The Read tab is used to configure the behavior for reading data:

  • Max Nodes Per Read Override: Sets the maximum number of nodes per read request.
  • Read Cycle Warning Threshold: Defines the threshold for triggering a read cycle warning.
  • Read Max Age: Sets the maximum age for read values.
  • Parallel Read/Write Activation: Enables simultaneous read and write operations, improving performance.
  • Transfer OPC null values: If enabled, invalid OPC values will also be transferred (e.g., as NULL into databases).

Write Tab

The Write tab focuses on configuring data writing behavior:

  • Array Handling: Specifies how arrays should be handled when writing data. Options include:
    • Pass Original Array: Send the incomplete, raw array exactly as it is.
    • Fill Missing Values with Last Used: Use the value of the most recent value for all missing elements.
    • Fill Missing Values with Default: The default value will be used for missing elements (e.g., NULL for INT).
  • Max Nodes Per Write Override: Sets the maximum nodes allowed per write operation.
  • Max Batched Writes: Controls the number of writes that can be batched together for efficiency.
  • Asynchronous and Grouped Writes: Enables asynchronous and grouped writes to optimize data transfer.
  • Publish on Write Activation: Immediately publishes data when written.
  • Parallel Read/Write Activation: Allows for simultaneous read and write operations.

Advanced Tab

The Advanced tab provides additional settings for experienced users who want to fine-tune the connection:

  • Timeout and Sample Rate: Set timeouts and data sampling rates to control the connection.
    • Sample Rate: Defines the rate (in ms) at which the OPC server refreshes values. Setting "0" will use the smallest available update rate.
  • Allowed Qualities of Values: If the quality of the values does not match the selected quality, this will result in a transfer abort in the OPC Router at runtime with an appropriate error message. For example, if "Bad" is allowed, a "" value may be transferred, which can lead to subsequent errors if this value is not valid for the target.
  • Addressing Method: It is recommended to use "Browse Path" instead of Node ID for addressing. According to the OPC UA specification, it is not mandatory that the Node ID remains persistent between server restarts or reconfigurations. By using Browse Paths, the OPC Router resolves this during startup or when the connection is established (which may be slightly slower initially).
note

Note: The Browse Path option may be more beneficial when used with templates, although it may increase initialization time, especially in larger projects.

  • Access Optimization: Enable RegisterNode access for improved performance. This setting registers the nodes and then uses handles from the register for subsequent communication. This reduces the payload size and optimizes the overall communication since the complete NodeId (which can be a long string for some servers) does not need to be transmitted each time.
  • Keep Alive Timeout Override: Override settings for keep-alive messages.
  • Preferred Culture: Set the preferred language or culture for communication.
  • Provider Implementation: Select the OPC UA version for data type definitions. Options include "OPC 1.03 Data Type Dictionary" or "OPC 1.04 Data Type Definition".
  • Enable Local Process Communication: This setting is used only when accessing the same OPC Router that also acts as the UA Server. In this case, the TCP/IP stack is bypassed, and the client communicates directly in-process with the UA Server, which can improve performance.

OPC Read Mode

The OPC Read Mode setting provides three different modes for reading data from the OPC server:

  • OPC Router Cache: In this mode, the OPC Router itself is responsible for reading the data points. Data points are read at the configured "Sample Rate" and held in an internal cache. The reading process is handled by internally created groups or subscriptions, and an internal thread reads items using a DeviceRead operation from the OPC server. The "Read Time" in the OPC Router status for the transfer object reflects access to the internal OPC Router cache, not the OPC server itself. If the background update takes longer than the configured sample rate, the log file may display "Workcycle took longer than...".
  • Asynchronous (Recommended): In this mode, OPC ChangeNotifications are used, meaning the OPC server is responsible for reading the data points and notifying the OPC Router of changes. The OPC Router stores the values in its internal cache and provides them to transfer objects. The read times in the transfer object's status reflect access to the internal cache only. This setting can be combined with the Subscription Publish Interval and Max Notifications per Publish to receive "fast batched" value changes for the DataChange trigger.
  • Synchronous: In this mode, a "Sync read from Device" is performed directly from the context of the OPC transfer object, bypassing all caches. The times in the transfer object's status reflect the actual access to the device.

Background Information from OPC UA Specifications

The OPC Unified Architecture (OPC UA) is designed as a platform-independent standard to facilitate communication between various systems and devices across all industrial domains. It allows seamless interoperability through standard models for data exchange and interaction, supporting both Client-Server and Publish-Subscribe (PubSub) communication models.

AddressSpace Model: The OPC UA AddressSpace is a core concept that defines how information is structured and accessed within a server. It is an organized collection of Nodes that represent real-world objects, making it easier for clients to understand the structure and interact with the data.

Quality of Service: OPC UA supports defining the quality of the values being transferred, which can affect the behavior of data exchange. For example, qualities like "Good", "Uncertain", or "Bad" influence how clients handle data and what actions are triggered based on data validity.

Subscriptions and MonitoredItems: The Subscription model in OPC UA allows clients to monitor changes to data or events from servers. The Subscription entity, along with MonitoredItems, is used to track data changes efficiently and notify clients about updates, reducing the need for constant polling.

Security and Redundancy: OPC UA has integrated a strong security model, which includes encryption, user authentication, and application-level security measures. The redundancy features allow multiple paths to maintain a connection, ensuring high availability even in the case of network or server failures.

You set the following properties in the configuration of the OPC connection:

Quickstart

PropertyDescription
NameAny name under which this connection appears in the connection configuration. Choose a name that is clearly recognizable for you!
Endpoint

Address of the OPC server (protocol: opc.tcp, http or https)

Important: If encryption is used, the endpoint must be specified exactly as it is stored in the server's certificate. If, for example, “Server.domain.local” is stored in the certificate, the endpoint must also be addressed in this way and not, for example, via the IP. The OPC server certificate will then be rejected.

Access pathIf you specify an Access Path, only the data points in the Tag Browser of the transfer object or trigger that are located in the folder you have selected are displayed. You can open the Tag Browser using the button next to the Access Path and select the folder here. Important: You can only define the access path if you have selected the “Browse Path” function in the item identification.
Timeout (ms)Time (in ms) that the connection establishment may take before a connection error is returned.
Use highest security levelActivate to use the highest possible security level on the OPC server side. Alternatively (e.g. in the event of connection problems), deactivate and make the security settings manually.
LoginLogin drop-down

Connection

PropertyDescription
NameAny name under which this connection appears in the connection configuration. Choose a name that is clearly recognizable for you!
Endpoint

Address of the OPC server (protocol: opc.tcp, http or https)

Important: If encryption is used, the endpoint must be specified exactly as it is stored in the server's certificate. If, for example, “Server.domain.local” is stored in the certificate, the endpoint must also be addressed in this way and not, for example, via the IP. The OPC server certificate will then be rejected.

Access pathIf you specify an Access Path, only the data points in the Tag Browser of the transfer object or trigger that are located in the folder you have selected are displayed. You can open the Tag Browser using the button next to the Access Path and select the folder here. Important: You can only define the access path if you have selected the “Browse Path” function in the item identification.

Security

PropertyDescription
Trusted certificatesHere you can select which server certificates are to be accepted.
Certificate validationDetermines whether the server's certificate is checked.
Validate Server Application UriValidates the ServerApplicationUri of the server certificate. Some servers do not provide a valid ServerApplicationUri in the certificate.
Use highest security levelDeactivates mode and encryption options.
Mode

No security = “None”, Sign = “Sign”, Sign and encrypt = “Sign and Encrypt”.

Note: This option is only active if the “Use highest security level” option is inactive.

Encryption

The encryption method to be used can be selected here.

Note: This option is only active if the “Use highest security level” option is inactive.

Client certificateSelect a client certificate from the drop-down list. Use the plus symbol to add another certificate and the trash can symbol to remove a certificate. The properties of an existing certificate can be displayed with the eye symbol.
LoginLogin drop-down

Redundancy

PropertyDescription
Redundancy serverActivate to specify a redundancy OPC server. Redundancy is activated if the primary server cannot be reached and (optionally) if the primary server's life item cannot be read or assumes the value “0”. Then enter the redundancy server and, if required, an object (item) on the selected redundancy server.
Endpoint

Address of the OPC server (protocol: opc.tcp, http or https)

Important: If encryption is used, the endpoint must be specified exactly as it is stored in the server's certificate. If, for example, “Server.domain.local” is stored in the certificate, the endpoint must also be addressed in this way and not, for example, via the IP. The OPC server certificate will then be rejected.

Alive itemA specific node or tag that is monitored to ensure that the connection to the OPC UA server is still active. This field is used to periodically check the status of the server by reading the value of the specified "alive" element. If the value can be successfully read, it indicates that the server is still responding and the connection is healthy.

Subscription

PropertyDescription
Keep Alive CountUsed to calculate the time interval for requests that check whether there is still a connection to the server.
Keep Alive RetryNumber of retries allowed for failed keep alive requests before the connection is terminated.
Lifetime CountSpecifies how long the server maintains the connection if the client does not confirm the receipt of publish packets. Note: The value should be at least three times the Keep Alive Count.
Max Notifications per PublishSpecifies the maximum number of notifications that the client would like to receive in a single response. The value 0 indicates that there is no limit.
PrioritySpecifies the relative priority of a subscription. If several subscriptions want to send a notification, the server only allows the one with the highest priority value.
Enable Subscription PublishingActivates or deactivates Subscription Publishing
Subscription Publish IntervalSpecifies the publish interval in milliseconds. Note: If no value is specified, the sample rate is used.
Subscription Minimum Lifetime IntervalThe minimum lifetime for subscriptions in milliseconds.
Register OPC Tags on StartAutomatic registration of OPC tags when the client is started. This means that the client establishes a connection to the OPC UA server and subscribes to the specified tags from the outset, ensuring that the data from these tags is available immediately after startup.
Enable Parallel Subscription RegistrationAllows the client to register multiple subscriptions at the same time rather than one after the other. This can significantly speed up the initialization process, especially with a large number of subscriptions.

Browse

PropertyDescription
Continue Browse Until DoneSpecifies whether the following nodes should continue to be browsed after the timeout has expired until the process is completed.
Disable Browse Has ChildrenDeactivates the check for further sub-elements when opening folders in the tag selection and in the OPC browse function of the script plug-in in order to avoid heavy loads. This ensures that all elements are initially displayed as if they contained further elements.
Max Browse Continuation Points OverrideOverwrites the maximum number of continuation points. A value of 0 means that the default value is used.
Max Browse References ReturnedDefines the maximum number of references that can be returned when browsing.
Max Nodes Per Browse OverrideOverwrites the maximum number of nodes that may be used during a search operation. A value of 0 means that the default value is used.
Max Nodes Per Translate Browse Path OverrideOverrides the maximum number of nodes that may be used during a “Translate Browse Path” search operation. A value of 0 means that the default value is used.

Read

PropertyDescription
Max Nodes Per Read OverrideOverwrites the maximum number of accounts that are processed per read cycle. A value of 0 means that the default value is used.
Read Cycle Warning ThresholdConfigures the tolerance in percent for the sample rate before a warning is logged.
Read Max Age

This option specifies the maximum age of a value in milliseconds. (The age is determined by the time span between the moment the server receives a value or confirms that it is valid and the moment the value is accessed). If the server does not find a value within the maximum age or the maximum age is set to 0, the server attempts to update the value by reading it again from the data source.

If the specified value is the maximum Int32 value, the server attempts to load a cached value from the cache.

If the server is unable to return a value within the specified maximum age, it returns the best possible ('best effort') value instead of rejecting the request.

Enable Parallel Read/Write

Specifies whether multiple read and write curtains can be executed simultaneously. If this option is deactivated, a read or write process must be completed before another process can be started.

Note: This option is mainly used for the compatibility of older OPC Router 4 versions and the OPC Router 3. If deactivated, this may slow down read and write processes.

Write

PropertyDescription
Array handling

Specifies how incomplete arrays should be handled.

  • Use raw array: Sends the array exactly as it was received.
  • Fill missing values with recent values: If a value is missing, uses the last value used to fill the array.
  • Fill missing values with standard values: The default value of the data type is transferred to the array. (e.g. NULL for data type INT)
Max Nodes Per Write OverrideOverwrites the maximum number of nodes that can be processed per write cycle. A value of 0 means that the default value is used.
Max Batched WritesLimits the number of write operations that can be executed in a request.
Enable Asynchronous WritingDetermines whether asynchronous writing is used.
Enable Batched Write

If this setting is activated, OPC write requests are combined in a queue and processed in a single request to the OPC server.

Note: If the order of the write requests is important or they are to be executed separately, this setting can lead to undesirable behavior.

Enable Publish On WriteDetermines whether a publish is executed directly after writing a value.
Enable Parallel Read/Write

Specifies whether multiple read and write curtains can be executed simultaneously. If this option is deactivated, a read or write process must be completed before another process can be started.

Note: This option is mainly used for the compatibility of older OPC Router 4 versions and the OPC Router 3. If deactivated, this may slow down read and write processes.

Advanced

PropertyDescription
Timeout (ms)Time (in ms) that the connection establishment may take before a connection error is returned.
Sample rate (ms)Sample rate (in ms) at which the OPC server updates the values for the router. Set the value to “0” to use the minimum (fastest possible) update rate of the OPC server.
Log pathFile path for an additional, optional event log. event log.
Allowed Qualities of ValuesHere you can specify which data qualities are acceptable for the values to be read or written. In OPC UA, the data quality indicates the reliability and validity of the data.
Addressing method
  • Node ID: Data points are addressed directly in the transfer object via the node ID.
  • Browse Path: Data points are connected in the transfer object via the path of the OPC server.

Important: By using the browse path, it may be easier to connect templates. Delays can occur when initializing the data points, especially in large projects.

Access optimizationActivates the use of node registration for accessing OPC-UA nodes. If this option is activated, the client registers the nodes it wants to access with the OPC-UA server.
Handle Null String As Empty StringDetermines whether strings that are zero, i.e. have no value, are processed as if they were empty.
OPC Read Mode

The OPC read mode defines how data is read out. The following options are available:

  • OPC Router Cache: Data is preferably read from the OPC router cache. This minimizes network traffic, but can result in the data not being the most up-to-date, especially if the values in the data source change frequently.
  • Asynchronous: All data from OPC transfer objects is requested asynchronously. This allows the OPC router to perform other tasks while waiting for a response, which can improve efficiency.
  • Synchronous: With this option, data is read directly from the data source as far as possible. This option generates more network traffic, but provides the most up-to-date data. Please note that this option is currently only implemented in the OPC transfer object.
Keep Alive Timeout OverrideOverwrites the keep alive timeout in milliseconds. This defines how long the server may not be accessible before the connection is disconnected.
Preferred CultureDefines the preferred language (en-US, de-DE) for translated texts.
Type Provider ImplementationUser-defined types (UDT) can be stored on the OPC UA server. However, these are not always in the same place; how they are read depends on the OPC UA version. OPC 1.03 and OPC 1.04 are not compatible and you can therefore choose how the OPC router attempts to read the types.
Activate in-process communication locallyIf an OPC UA client is connected to an OPC UA server created and running in the (same) OPC router, the OPC router uses a shortcut instead of sending all data over the network. This allows the client data to be read directly from the server.

Login drop-down

PropertyDescription
Login
  • Anonymous: Activate if your OPC server allows anonymous logins. Otherwise deactivate and enter user/password.
  • Username: Log in via login information.
  • Certificate: Registration via a certificate.

Login: Username

PropertyDescription
UsernameUsername for logging on to the OPC server (not: **** Windows server)
PasswordPassword for logging on to the OPC server (not: Windows server)

Login: Certificate

PropertyDescription
Authentication certificateSelect a certificate here or create a new certificate. The new certificate is then displayed under the settings in the certificate management. Click on Export and then integrate the certificate into the OPC UA server used.

You can use the “Check connection” button to check in advance whether your data connection is working.