SECURITY CHECK BY GERMAN FEDERAL OFFICE FOR INFORMATION SECURITY

From UaCapabilities
This is the approved revision of this page, as well as being the most recent.
Jump to: navigation, search

Source: Holger Junker, German Federal Office for Information Security, (BSI), head of Division C12


OPC-UA is one of the most important modern standards for industrial facilities and many further scenarios in an intelligent and connected world. OPC-UA is considered a central building block on the way towards Industrie 4.0. It enables integration between various layers of the automation pyramid from sensor up to the ERP system. It is the first time a unified, worldwide recognized industrial protocol can be employed that allocates necessary cryptographic mechanisms for a secure smart factory. In order to further raise trust in OPC-UA, BSI currently conducts a comprehensive and independent security check.
In the first step the OPC-UA specification will be thoroughly analyzed. Next a chosen reference implementation will be tested concerning security. The goal of the project is to issue a detailed, meaningful analysis of OPC-UA, proposals for possible necessary improvements as well as recommendations for equipment producers, integrators and manufacturers. The OPC Foundation supports BSI in their security check effort. The results will first be discussed with the OPC Foundation towards the end of 2015. Next, an official release of the elementary results together with resulting recommendations will be published.

»The only communication technology in the factory, with implicit security features and the potential for the challenges posed by Industrie 4.0, that I am aware of today, is OPC-UA.«
Holger Junker, BSI