Software Toolbox Technical Blog

Risk is often defined as the likelihood that something will occur multiplied by the impact it would have. In the world of automation, some of those possible impacts are unexpected downtime, loss of data, theft of information, damage to people and products, and inaccurate data – not to mention the fines and penalties when government regulations are not met.

At Software Toolbox, we understand that data availability, integrity, and confidentiality are of the utmost importance. As the adoption of IIoT grows, so does network exposure, increasing the likelihood of potential security issues. Implementing safe protocols and practices are essential to mitigating these risks.

If you use OPC UA, you are likely at least somewhat familiar with OPC UA certificates. OPC UA client and server applications typically have Application Instance Certificates to provide application-level security. They are used for establishing a secure connection using Asymmetric Cryptography.

OPC UA certificates include a digital signature by the generator of the certificate. This digital signature can be self-signed or can be signed by a Certificate Authority (CA). Both types of certificates provide the same level of security and can be used in Asymmetric Cryptography. The major difference between CA signed and self-signed certificates in an OPC UA installation is the effort required to deploy and maintain the certificates. The choice of when to use a CA issued certificate versus a self-signed certificate depends on the installation and site requirements.

Many of our products leverage the OPC UA Configuration tool from the OPC Foundation to create and trust certificates and certificate authorities (CA). This tool actually installs with our OPC Data Client toolkit but is also available from the OPC Foundation. But how do we navigate this tool and the use of OPC UA certificates as a whole?

In this blog post, we will cover both methods of UA certificate signing, as well as the tool mentioned above for easily managing UA certificates for your OPC UA applications.

Great job! You managed to configure Cogent DataHub® to fit your needs, and now you are ready to run it in a production environment, but you are left with one question – “How in the world do I run DataHub as a service?”.

Running applications as Windows services has multiple benefits but, perhaps, the most beneficial reason to run an application as a service is the ability to let the application/process run in the background without the need for a user to be logged on the operating system. For that reason, this might be why you are looking at how to run it as a service, whether you are tunneling, logging, aggregating, historizing data, and/or using Datahub as a Gateway.

Continuing our Tech Support Corner blog series, if you find yourself in this situation like other users over years, do not worry. This post will walk you through the process of running DataHub as a service as well as how to access its properties from a local and/or remote machine.

If you've seen our other, more detailed posts (specifically our Exploring OPC UA post and the DataHub OPC UA video how-to) on getting Cogent DataHub working with OPC UA clients and servers, you are probably already familiar with configuring Cogent DataHub for secure access from an OPC UA client. However, we are commonly asked how to quickly get the DataHub OPC UA server interface ready for an OPC UA client to securely connect for accessing data from the variety of other interfaces that DataHub supports.

Continuing our Tech Support Corner blog series, this short post covers just the basics for setting up the Cogent DataHub OPC UA server interface to use the highest level of security and to require a client to specify a username and password for authentication.

Continuing our Exploring OPC UA blog series, we're still going into the specifics of OPC UA security configuration in key Software Toolbox solutions that are OPC UA capable.

In this ninth post of the series, we will focus on OPC Router, focusing on stepping through what the settings are in OPC Router and how to get connected both for your OPC UA clients and servers.

If you've been following our ongoing Exploring OPC UA blog series, we've been covering key Software Toolbox solutions and the specifics of configuring OPC UA security and connectivity.

In this eighth post of the series, we will focus on the OPC Data Client development toolkit, with the primary topic being how to exchange security certificates and establish a trust relationship between your custom OPC UA client and an OPC UA server.

If you've been following our ongoing Exploring OPC UA blog series, we've been covering key Software Toolbox solutions and the specifics of configuring OPC UA security and connectivity.

In this seventh post of the series, we will focus on OPC Data Logger, specifically stepping through settings related to security, endpoints and certificate management and connecting OPC Data Logger to OPC UA servers for logging data.

As you may have seen in our recent posts in our ongoing Exploring OPC UA blog series, we've been going into the specifics of OPC UA security configuration in key Software Toolbox solutions that are OPC UA capable.

In this sixth post of the series, we will focus on Cogent DataHub, focusing on stepping through what the settings are in DataHub and how to get connected both for your OPC UA clients and servers.