OPC Security

External and internal threats are concerns in critical control systems. OPC Security provides security in a standard manner

Introduction

Whitepapers and Resources

Specifications

Training

Introduction

OPC Security provides secure access to all real-time OPC architectures. While DCOM security can't control who can browse, add, read and/or write to a tag, OPC Security gives a granular control over data access to prevent accidental or intentional un-authorized OPC data access. OPC Security is a standard provided and maintained by the OPC Foundation. The OPC Security is implemented through the following interfaces:

  • IOPCSecurityNT (NT Access Token)
    • Uses Windows credentials (passed between client and server via Windows)
    • OPC Server side
  • IOPCSecurityPrivate (Private Credential)
    • Uses Private credentials (ex: userid:password)
    • OPC Server and client support required

Whitepapers and Resources

Here are some whitepapers about the technical details and implmenetaions for OPC Security:

Effective OPC Security for Control Systems - Solutions you can bank on (NEW!!) by Eric Byres, P. Eng., ISA Fellow CTO, Byres Security Inc. and Darek Kominek, P. Eng., Manager, OPC Marketing, MatrikonOPC

OPC Security White Paper #2 by DigitalBond provides information on Threats & Vulnerabilities for OPC Host Systems and many more.

Controlling Access to Critical System Data by Sean Leonard.

OPC Security Better Safe than Sorry

OPC Security – Providing Data Access on a Need-To-Know Basis

Specifications

Download File - OPC Security 1.00 Specification

Training

Industrial Cyber Security and OPC Security Workshop