© Utthunga Technologies Pvt. Ltd. 2019
Security In OPC UA
By Sahan M, August 14 – 4PM to 5PM IST
Welcome to the Webinar
Agenda
OPC UA Security Environment
OPC UA Security Architecture
Attack Types Addressed by OPC UA
Recommendations for using OPC UA in a Secure Way
Effectiveness of OPC UA Security Analysis
In A Nutshell
Security Objectives
OPC UA Security Environment
OPC UA provides a flexible set of security mechanisms:
• Some OPC UA applications are on the same host and can be easily protected from external attack.
• Some OPC UA applications are on different hosts in the same operations network and might be protected by the security boundary protections.
• Some OPC UA applications run in relatively open environments, where users and applications might be difficult to control.
Source: OPC UA Spec. Security Model 1.04
Security Objectives
Authentication: Confirms the identity of an entity such as a Client, Server, or User.
Authorization: Assures that access is granted only to the information an entity needs in order to function.
Confidentiality: The data is encrypted, so it is in an unreadable format.
Integrity: Receivers receive the same information that the original sender sent, without the data being changed during transmission.
Non-Repudiation: Assures that something that actually occurred cannot be claimed as having not occurred.
Availability: The system is running all the time and available to respond with valid information.
Auditability: Actions taken by an application must be recorded in order to provide evidence to stakeholders.
OPC UA Security Architecture
OPC Unified Architecture uses a public key infrastructure to achieve secure
communication.
A session in the Application Layer communicates over a Secure Channel that
is created in the Communication Layer and relies upon it for secure
communication.
The Communication Layer provides security mechanisms to meet
Confidentiality, Integrity and application Authentication as security
objectives.
Source: OPC UA Spec. Security Model 1.04
Security Configuration
Security Policies
• None: No security.
• Basic256Sha256 (Recommended): This policy is acceptable and more likely to be supported by older applications. This option is enabled by default.
• Aes128-Sha256-RsaOaep (Recommended - Fastest): This policy offers good security and is faster than the most secure policies; however, older applications will not support it. This option is enabled by default.
• Aes256-Sha256-RsaPss (Recommended - Most Secure): This policy is the most secure available; however, older applications will not support it. This option is enabled by default.
• Basic256 (Not Recommended): This policy has theoretical problems and is not recommended.
• Basic128Rsa15 (Not Recommended): This policy has known vulnerabilities and should not be used unless absolutely necessary.
Security Modes
• Allow communication with no security (None): Not recommended as it does not use a certificate to secure communications between client and server. For use only in a non-production environment.
• Allow secure communication without data privacy (SignOnly): All messages between the client and server are signed but not encrypted.
• Allow secure communication with data privacy (SignAndEncrypt): All messages between the client and server are signed and encrypted.
Attack Types Addressed by OPC UA: Encryption
OPC UA addresses unauthorized disclosure of sensitive information by encrypting the data while it is in transit.
OPC UA addresses Eavesdropping, which impacts Confidentiality directly.
Attack Types Addressed by OPC UA: Message Signing
The signing of messages prevents a third party from changing the contents of a message.
Signing a message helps to ensure the following:
• Data Integrity – The message was not altered from its original form
• Non-repudiation – The sender cannot deny the authenticity of the message they sent and signed
• Proof of Origin – The message actually came from the legitimate sender
OPC UA addresses Message Spoofing and Message Alteration by signing the messages. Additionally, the messages will always contain a valid Session ID, Secure Channel ID, Request ID, Timestamp, and Sequence No.
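The receiver-side checks described on this slide, as an added example that is not part of the original deck: a simplified frame (not the OPC UA binary encoding) carrying a channel ID, sequence number and request ID, signed with HMAC-SHA256. The frame layout, key and payload are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Simplified frame, NOT the real OPC UA encoding (assumption for illustration):
# channel id | sequence number | request id | payload | HMAC-SHA256 signature
HEADER = struct.Struct("<III")
SIG_LEN = hashlib.sha256().digest_size

def sign_message(key, channel_id, seq, request_id, payload):
    """Build a frame and append a signature over header + payload."""
    body = HEADER.pack(channel_id, seq, request_id) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class ChannelReceiver:
    """Accepts frames for one secure channel and tracks the last sequence number."""

    def __init__(self, key, channel_id):
        self.key = key
        self.channel_id = channel_id
        self.last_seq = 0

    def accept(self, frame):
        """Return (payload, None) for a valid frame, else (None, reason)."""
        if len(frame) < HEADER.size + SIG_LEN:
            return None, "truncated"
        body, sig = frame[:-SIG_LEN], frame[-SIG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Verify the signature before trusting any header field.
        if not hmac.compare_digest(sig, expected):
            return None, "bad-signature"
        channel_id, seq, _request_id = HEADER.unpack_from(body)
        if channel_id != self.channel_id:
            return None, "wrong-channel"
        if seq <= self.last_seq:  # an old, validly signed frame sent again
            return None, "replayed-or-out-of-order"
        self.last_seq = seq
        return body[HEADER.size:], None

def demo():
    """Feed a good, an altered, a replayed and a spoofed frame to one receiver."""
    key = b"constructed-demo-key-32-bytes!!!"  # constructed sample key
    rx = ChannelReceiver(key, channel_id=7)
    good = sign_message(key, 7, 1, 100, b"Write ns=2;s=Valve1 := 0")
    altered = bytearray(sign_message(key, 7, 2, 101, b"Write ns=2;s=Valve1 := 0"))
    altered[-SIG_LEN - 1] ^= 0x01  # one payload bit changed in transit
    spoofed = sign_message(b"wrong key", 7, 3, 102, b"x")
    return [rx.accept(f)[1] for f in (good, bytes(altered), good, spoofed)]
```

The signature alone does not stop a captured frame from being sent again; the sequence number check is what rejects the third frame in `demo()`.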
Attack Types Addressed by OPC UA: Application Authentication
Each application has an Application Instance Certificate, which ensures that the application we are communicating with is trusted.
Authentication of applications
• Application instance certificates
• Certificate Authority (CA)
OPC UA counters rogue server, session hijacking, and server profiling attacks by ensuring the application used is trusted and known to the user.
Attack Types Addressed by OPC UA: User Authentication and Authorization
Authentication of users
• Username / password, WS-Security Token or X.509 certificates
• Fits into existing infrastructures like Active Directory
Authorization helps to control access to specific operations and information.
Authorization (Server Specific)
• Fine-granular information in address space (Read, Write, Browse)
• Writing of meta data, calling methods
OPC UA counters rogue server and session hijacking attacks by ensuring that only an authenticated and authorized user is allowed to perform an action.
Certificate Handling
To ensure a secure communication channel:
• The public key of the Server, from its trusted certificate store, is copied to the Client's trusted certificate store.
• Similarly, the public key of the Client, from its trusted certificate store, is copied to the Server's trusted certificate store.
• While establishing a session, the Client proves its identity with its private key, and the Server validates it with that Client's public key, which is available in the Server's trusted certificate store.
Source: OPC UA Spec. Security Model 1.04
Attack Types Addressed by OPC UA: Auditability
When multiple systems are communicating with the server, we can define what is important to us in terms of debugging and security, and log that information.
Auditability is very useful and important because in OPC, we can aggregate different servers and establish different sessions for a channel with different vendors.
Audit logs are used for post analysis and forensic analysis, especially when something goes wrong.
Attack Types Addressed by OPC UA: Availability
OPC UA Servers reject sessions that exceed their specified maximum number.
OPC UA Servers minimize processing of packets before they are authenticated.
OPC UA counters threats like Denial of Service and message flooding attacks (bandwidth approach, resource approach).
Effectiveness of OPC UA Security Analysis
Security Reconciliation Threats Summary
OPC UA successfully passed these tests that were run for the German Federal Government (BSI).
Recommendations for using OPC UA in a Secure Way
Do not leave your secrets lying around
• Never store private keys or the corresponding certificate files (.pfx/p12) on an unencrypted file system
Do not automatically trust certificates
• Do not accept connections that do not provide trusted certificates.
User Authentication
• Avoid use of anonymous Identifiers
• When this generic identifier is used, it is not possible to trace who has changed
Security Mode ‘None’ should not be used
• It does not provide any protection
• The Security Mode used should be ‘SignAndEncrypt’ or ‘Sign’
Selection of cryptographic algorithms
• At a minimum, the Security Policy ‘Basic256Sha256’ should be chosen, provided this is technically possible
• Weaker security policies use outdated algorithms such as SHA-1 and should not be used
Managing and maintaining certificates
• Use certificate trust lists and certificate revocation lists to manage valid certificates.
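One way to check a server's advertised endpoints against the recommendations above; this is an added example, not part of the original slides. The endpoint dictionaries, host name and finding labels are constructed, and in practice the fields would come from a GetEndpoints response.

```python
POLICY_PREFIX = "http://opcfoundation.org/UA/SecurityPolicy#"
# Classification follows the Security Policies slide of this deck.
RECOMMENDED = {"Basic256Sha256", "Aes128_Sha256_RsaOaep", "Aes256_Sha256_RsaPss"}
DEPRECATED = {"Basic128Rsa15", "Basic256"}
SECURE_MODES = {"Sign", "SignAndEncrypt"}

def audit_endpoint(ep):
    """Return the list of findings for one endpoint (empty list = compliant)."""
    findings = []
    uri, mode = ep["policy_uri"], ep["mode"]
    policy = uri[len(POLICY_PREFIX):] if uri.startswith(POLICY_PREFIX) else None
    if mode == "None" or policy == "None":
        findings.append("no-security: messages are neither signed nor encrypted")
        if (mode == "None") != (policy == "None"):
            findings.append("inconsistent: mode and policy must both be None")
    elif mode not in SECURE_MODES:
        findings.append(f"unknown-mode: {mode}")
    if policy is None:
        findings.append(f"unknown-policy-uri: {uri}")
    elif policy in DEPRECATED:
        findings.append(f"weak-policy: {policy} relies on outdated algorithms")
    elif policy != "None" and policy not in RECOMMENDED:
        findings.append(f"unlisted-policy: {policy}")
    if "Anonymous" in ep.get("user_tokens", []):
        findings.append("anonymous-user: changes cannot be traced to a user")
    return findings

def audit_server(endpoints):
    """Map each non-compliant endpoint to its findings."""
    report = {}
    for ep in endpoints:
        findings = audit_endpoint(ep)
        if findings:
            name = ep["policy_uri"].rsplit("#", 1)[-1]
            report[f'{ep["url"]} [{name}/{ep["mode"]}]'] = findings
    return report

# Constructed sample input: three endpoints of one hypothetical server.
SAMPLE = [
    {"url": "opc.tcp://plc.example:4840", "policy_uri": POLICY_PREFIX + "None",
     "mode": "None", "user_tokens": ["Anonymous"]},
    {"url": "opc.tcp://plc.example:4840", "policy_uri": POLICY_PREFIX + "Basic128Rsa15",
     "mode": "Sign", "user_tokens": ["UserName"]},
    {"url": "opc.tcp://plc.example:4840", "policy_uri": POLICY_PREFIX + "Basic256Sha256",
     "mode": "SignAndEncrypt", "user_tokens": ["UserName", "Certificate"]},
]

if __name__ == "__main__":
    for endpoint, problems in audit_server(SAMPLE).items():
        print(endpoint, problems)
```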
In a Nutshell
• OPC UA is Secure By Design, addressing all the Security Objectives.
• OPC UA allows different levels of security.
• OPC UA Security is standards-based and developed with industry security experts from multiple companies.
• As a reminder, OPC UA alone will not secure your systems.
Name: SAHAN.M
Email: sahan.m@utthunga.com
Utthunga Technologies Pvt. Ltd.
No. 8, 27th Cross, 2nd Stage,
Banashankari, Bangalore – 560 070
Phone: +91-80-68151900
