OPC Data Client Development Toolkit Update – UA Platforms, Security, & Interoperability

Posted by John Weber on Nov 13, 2018 10:00:00 AM

The 2018.3 release of the OPC Data Client toolkit continues to make OPC UA client development easier, more secure and interoperable, while continuing to support OPC DA, A&E, and XML-DA development.

In this blog post I have taken the release notes and boiled it down to the key benefits that might drive you to upgrade, get back on support, renew support, or, if you’re new to OPC client development, try our OPC Data Client toolkit.

Easier Development + More Platforms = More Choice

Easier OPC UA Security Development

Before we get to the exiting new platforms news, for our existing users, we’ve added more capabilities to further reduce development time and complexity.  These include:

  • Improvements to licensing deployment eliminate all extra steps in order to deploy and run your custom applications on target machines

  • Improved logging around OPC UA security

  • New specialized client objects introduced with this release to reduce development time related to OPC UA secure certificate and discovery server management

More Platforms!

Linux & .NET Core

You may have heard a lot about .NET Core, .NET Standard, and of course .NET Framework has been around for a long time.  What’s the difference, why do you care?

Well you care because .NET Core is about developing for non-Windows platforms, like Linux!  And since OPC UA is cross-platform, you just might have a need to write an OPC UA client application in Linux, and the OPC Data Client 2018.3 release now supports OPC UA and OPC XML-DA client application development on Linux and Windows!

Visual Studio Code

 

For developing with .NET Core and .NET Standard with the OPC Data Client, we’ve primarily targeted these compilers and you’ll need .NET Core SDK 2.1.103 or higher.

  • .NET Core CLI Tools

  • JetBrains Rider 2018.1

  • Visual Studio 2017

  • Visual Studio Code (with the C# extension)

If you want to learn more about the new terms .NET Core and .NET Standard, we will have a blog post coming on that which puts it all in OPC Data Client toolkit terms, so you might want to subscribe to our blog.  In the meantime, MSDN Magazine did a pretty good job of explaining it in this article.

The good news is that .NET Framework is NOT going away for all our loyal Windows developers out there! A hint, .NET Framework sits on top of .NET Standard and so does .NET Core. Just new names from Microsoft as they evolve to become multi-platform friendly.

So while doing this version, we updated our supported .NET Framework versions and Windows Development tools:

  • .NET Framework 4.6.2 or higher – you need to be on this anyway if you care anything about security and are using Windows

  • Microsoft Visual Studio 2013 - commercial (aka paid) developer editions

  • Microsoft Visual Studio 2015 - commercial (aka paid) developer editions

  • Microsoft Visual Studio 2017 (all editions, including Community)

Security

Everyone’s favorite topic and, if you saw our 2017.2 release, we continue to keep this on our radar and look for ways to make things easier for you.

A key feature of the OPC UA standard is the ability to encrypt the communications between the client and server. Encryption is achieved using digital certificates that are issued on the client and server side of the UA connection.

OPC UA uses secure certificates

If you are in IT, then you are well aware of terms like SHA-1, SHA-2, and certificate key lengths and why they are important. If you’re not in IT, those terms refer to the encryption algorithms and the # of bits in the keys. Longer keys = harder to crack.

On public websites, suppliers in 2018 had to go through and issue new website certs with longer keys (2048 bit minimum), and make sure webservers weren’t using older certificate algorithms like SHA-1 and rather using SHA-256. Now inside of tightly controlled, no internet access OT environments maybe you don’t care, but sooner or later your company cybersecurity team will care.

In this release of OPC Data Client we’ve added these features to help you deal with these issues in your client application, adding to the existing support for the most secure OPC UA security policies.

  • AllowSha1SignedCertificates parameter – set it to false and your client won’t accept a SHA-1 certificate. Set it to true and it will.

  • MinimumCertificateKeySize parameter – sets minimum key length on certificates your client accepts.

  • EasyUACertificateManagementClient – an object that helps your application manage certificates better, especially when you are integrating with global discovery servers, which we’ll talk about shortly in our interoperability improvements. In the screenshot shown here, we create an instance of the object and check whether certificates need to be updated.

    UA Certificate Mgmt Object Example
  • Ability to manage certificates more easily in console applications

  • Connectivity Explorer now supports viewing what certificate is being used which can help you troubleshoot connections from a known test client.

  • Improved logging of UA errors on HTTPS and certificate validation.

Interoperability

The product recently went to the latest OPC Foundation Interoperability workshop to try out the new features against other OPC UA servers and we’re pleased to say it went very well.  A big new feature in the 2018.3 release is improved support for what are called Global Discovery Servers or GDS.

Before we get into that though, one key thing improved in 2018.3 is the error reporting when exceptions occur when calling OPC UA actions. More information and SDK traces are provided than before to help you troubleshoot problems fast.

What is GDS, why do you care? In OPC UA, a GDS (Global Discovery Server) is a service that runs on a server on your network, and all OPC UA servers and OPC UA clients can register with the GDS, and register their secure certificate public keys. Think of it like Google for finding your OPC UA servers on your network.

A GDS admin then approves the certificates one time.  By using a GDS, OPC UA Clients can easily find available OPC UA servers on a network, but also get the server’s certificate public key, and immediately start using it, without having to go through the whole initial certificate acceptance setup at every client/server combination.

In the OPC Data Client 2018.3 release, these new features make using and interoperating with Global Discovery Servers easier:

  • The EasyUAGlobalDiscoveryClient component helps you implement communications with an OPC UA Global Discovery Server easier. Methods for querying the GDS, registering, updating and unregistering your application save you development time and produce a more robust application.

  • The IEasyUAClientApplication service works along with the above component to help with obtaining certificate information from the GDS, refreshing lists of trusted applications, etc.

    Example - Registering with GDS

  • The Connectivity Explorer test client supports registering with a GDS as a great way for you to learn about working with a known entity, while developing your own custom application.

Learn More, Upgrade, or Try the OPC Data Client

So that’s the summary – new platforms and OS choices, more security, and more interoperability tools.  All to reduce your development time, support more robust applications, and more users than before.

There’s lots more in this release you can read about in the release notes in our knowledge base.

Existing OPC Data Client License Owners

If you already own a license of the OPC Data Client and are on an active support agreement, you can download the software from the trial version request page and upgrade for free by following the licensed user upgrade instructions.

If you have an older license and aren’t on an active support agreement, you can still get the latest version with an upgrade fee. Contact us for upgrade options.

Ready to try the latest OPC Data Client Toolkit?

OPC Data Client Download Trial

Topics: OPC UA, OPC, OPC Data Client, Developer Tools

John Weber

Written by John Weber

Join Our Journey

Working in industrial automation since 1996, the Software Toolbox team has seen a lot. The level of automation system sophistication of our integrators and users has evolved, each driven by the demands of their market and clients.  Everyone's learning continues as technological change accelerates.

This blog is about sharing from these journeys.  From tips on implementing software, successes our clients have experienced, or new ideas and things to consider in your journey, we'll be sharing them here.

Subscribe to Our Blog

Recent Posts

Posts by Topic