Design World

How to keep data safe in the IoT world

By Leslie Langnau | July 6, 2021

The news has been filled with cyberattacks on a number of companies’ networking systems, several of which are critical to the U.S. economy. As the IoT, IIoT, Industry 4.0, and similar networks inch forward, recent digital events on networking held sessions on how to secure the transmission of data. One of those sessions was at the recent OPC Day International. The OPC organization promotes the use of the OPC Unified Architecture (UA). While this protocol may not be as well-known as others in the U.S., it has been around since 2008.

The OPC UA protocol transports standardized information from a source, such as an industrial component, to the cloud and back to IT systems through standard interfaces that are independent of the underlying protocols (such as TCP, UDP, MQTT, and AMQP). The organization says OPC UA is an enabler for interoperability between devices on the shop floor and business software. It also provides this interoperability with end-to-end security.

According to OPC, there are at least ten common attack types. These include:
– Message flooding through denial of service (DoS) attacks. OPC UA servers combat this by processing incoming packets as minimally as necessary. If information in the packet doesn’t immediately align, the server simply drops it. It doesn’t try to recover the data, figure it out, or have further exchanges with that client; it just drops it. This feature minimizes OPC UA server processing, which preserves the resilience of the server.
– Message spoofing, a way to forge messages. This is sometimes called a man-in-the-middle attack, where messages are manipulated to appear authentic when in reality they are not. OPC UA packets use encryption, certificates, embedded Session IDs, and Channel IDs, so fake messages don’t make it through.
– Message alteration, or replay, where hackers take a valid message and attempt to replay it a number of times. OPC UA session IDs, channel IDs, timestamps, sequence numbers, request IDs, and so forth all take these things into account, preventing the replaying of messages.
– Eavesdropping, which is eliminated through OPC UA’s data encryption.
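The drop-on-mismatch behavior in the list above can be shown with a receiver-side check. This is an added example, not code from the article or from the OPC Foundation. It is a simplified model, not the OPC UA wire format: the header layout, the HMAC-SHA256 signature, the `MAX_SKEW_S` window and all names are assumptions, and encryption is left out.

```python
import hashlib
import hmac
import struct

# Assumed header for this model: channel id, sequence number, timestamp (seconds).
HEADER = struct.Struct(">IIQ")
TAG_LEN = 32        # length of an HMAC-SHA256 tag
MAX_SKEW_S = 300    # assumed freshness window, not a value from the OPC UA spec


def seal(channel_id, seq, ts, payload, key):
    """Sender side: prepend the header and append a signature over header+payload."""
    body = HEADER.pack(channel_id, seq, ts) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class ChannelReceiver:
    """Receiver for one channel. Any mismatch is a drop: no recovery, no reply."""

    def __init__(self, channel_id, key):
        self.channel_id = channel_id
        self.key = key
        self.last_seq = 0

    def accept(self, packet, now):
        """Return (payload, "ok") or (None, reason_for_drop)."""
        if len(packet) < HEADER.size + TAG_LEN:
            return None, "malformed"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        channel_id, seq, ts = HEADER.unpack_from(body)
        # Cheapest check first, so flood traffic costs as little as possible.
        if channel_id != self.channel_id:
            return None, "unknown-channel"
        # Spoofed or altered messages fail the signature check.
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None, "bad-signature"
        # A replayed message carries a sequence number that was already seen.
        if seq <= self.last_seq:
            return None, "replay"
        if abs(now - ts) > MAX_SKEW_S:
            return None, "stale"
        self.last_seq = seq
        return body[HEADER.size:], "ok"
```

Logging the drop reason per source on the server side gives operators a direct signal for flooding and replay attempts without adding work to the packet path.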

All network and interoperability options will need to include some type of security function. OPC UA views data as being in what it calls the data-in-motion state. It looks at data holistically: not just how data may be encrypted as it moves across the wire, but also who should have access to the information and what they can do with it.

OPC UA security incorporates know-how from other groups. For example, it follows the National Security Agency concept of defense-in-depth, which includes multiple layers of security. Another example is the National Institute of Standards and Technology approach to algorithms. NIST monitors algorithms as they evolve to reduce vulnerability. And then there is the use of certificates. Components ranging from small microprocessors to large servers and cloud-based systems make use of certificates for security purposes.

Security policies in OPC UA servers define combinations of algorithms and exchanges that a client and a server can establish to mutually prove their identity. The policies cover the encryption standards for how clients and servers will sign messages, how they will encrypt and subsequently decrypt the data, the use of tokens and hashing values, and so on.

Data security will always be a work in progress, as hackers continuously find new ways to access data. But if manufacturers take a holistic view when building their products, and end-user administrators properly configure their systems and supporting networks, the number of security breaches can be contained.
