标准摘要
[中文适用范围]: 本部分IEC 62541定义了OPC统一架构(OPC UA)的配置文件。本文档中的配置文件用于根据OPC UA产品的测试性质和测试类型(基于工具或基于实验室)来分离功能。这包括由OPC基金会提供的OPC UA CTT(自测工具)和由OPC基金会提供的独立认证测试实验室执行的测试。这也同样适用于由其他组织提供的测试工具或测试实验室。重要的是基于自动化工具的测试与基于实验室的测试的概念。本标准范围包括定义只能在实验室中测试的功能,以及定义在实验室或使用自动化工具测试OPC UA产品时使用的功能分组。实际测试用例的定义不在本文件范围内,但测试用例的一般类别在本文件范围内。大多数OPC UA应用程序将符合多个但不是所有的配置文件。 [外文原描述]: IEC 62541-7:2020 defines the OPC Unified Architecture (OPC UA) Profiles. The Profiles in this document are used to segregate features with regard to testing of OPC UA products and the nature of the testing (tool based or lab based). This includes the testing performed by the OPC Foundation provided OPC UA CTT (a self-test tool) and by the OPC Foundation provided Independent certification test labs. This could equally as well refer to test tools provided by another organization or a test lab provided by another organization. What is important is the concept of automated tool-based testing versus lab-based testing. The scope of this standard includes defining functionality that can only be tested in a lab and defining the grouping of functionality that is to be used when testing OPC UA products either in a lab or using automated tools. The definition of actual TestCases is not within the scope of this document, but the general categories of TestCases are within the scope of this document. Most OPC UA applications will conform to several, but not all, of the Profiles. This third edition cancels and replaces the second edition published in 2015. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: a) new functional Profiles: • profiles for global discovery and global certificate management; • profiles for global KeyCredential management and global access token management; • facet for durable subscriptions; • standard UA Client Profile; • profiles for administration of user roles and permissions. b) new transport Profiles: • HTTPS with JSON encoding; • secure WebSockets (WSS) with binary or JSON encoding; • reverse connectivity. c) new security Profiles: • transportSecurity – TLS 1.2 with PFS (with perfect forward secrecy); • securityPolicy [A] – Aes128-Sha256-RsaOaep (replaces Base128Rsa15); • securityPolicy – Aes256-Sha256-RsaPss adds perfect forward secrecy for UA TCP); • user Token JWT (Jason Web Token). d) deprecated Security Profiles (due to broken algorithms): • securityPolicy – Basic128Rsa15 (broken algorithm Sha1); • securityPolicy – Basic256 (broken algorithm Sha1); • transportSecurity – TLS 1.0 (broken algorithm RC4); • transportSecurity – TLS 1.1 (broken algorithm RC4). e) deprecated Transport (missing support on most platforms): • SOAP/HTTP with WS-SecureConversation (all encodings).
英文名称OPC Unified Architecture - Part 7: Profiles