In the world of industrial automation, integrating older systems with modern operational goals is a frequent challenge. In one of our recent projects, we encountered a legacy Siemens OPC UA server built in 2016. At the time of its creation, this server met specification standards, including security policies that aligned with then-current practices. However, as technology evolves, so do the requirements for security and interoperability. OPC UA Security specifications, for instance, now follow NIST recommendations, emphasizing the need for periodic site reviews to maintain compliance.
This blog post aims to provide insights into the specific hurdles we faced and how our team leveraged expertise and collaboration to overcome them. Importantly, this discussion is not a critique of OPC UA standards but an exploration of the complexities inherent in working with legacy infrastructure.
Challenges in Connecting to a Legacy OPC UA Server
The Siemens OPC UA server in question was part of a CNC machine that required us to read and write tool data from the operator HMI panel. The first step in this process involved identifying the NodeIds for the required tool data, a daunting task given the presence of over 5,000 variable nodes. To streamline this, we developed a custom scraper client capable of browsing all nodes, extracting attributes such as data types and values, and compiling the relevant variable nodes into a CSV file.
Despite this innovative approach, several challenges arose:
Node Browsing Constraints: The server’s MaxNodesPerRead capability was limited to 1, significantly increasing the time required for data collection and necessitating careful optimization.
Outdated Security Policies: The server used deprecated configurations, including the acceptance of SHA1 certificates and a 1024-bit key size.
Addressing these constraints was essential to establish a stable connection.
After overcoming these initial hurdles, our OPC UA client gathered the required data in about an hour. However, another critical challenge emerged: the necessary tool data was missing from the scraper’s output. Extensive reviews of the CNC machine’s specifications did not yield the NodeIds, as they were hidden within the information model. Even after purchasing an OPC UA communication license, the customer had to collaborate with machine builders and OEMs to retrieve these details. The lack of publicly available documentation on these NodeIds resulted in additional time and cost for the customer.
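The scraper approach described in this section, sketched in Python against an in-memory stub so it runs offline; this is an added example, not the client used in the project. `StubServer`, the `ns=2` NodeIds and their values are constructed, and treating a limit of 0 as "no limit" is an assumption of the stub.

```python
import csv
import io
from collections import deque

# Constructed address space for a hypothetical stub server;
# only ns=0;i=85 (the standard Objects folder) is a real NodeId.
CHILDREN = {
    "ns=0;i=85": ["ns=2;s=Machine"],
    "ns=2;s=Machine": ["ns=2;s=SpindleSpeed", "ns=2;s=Tools"],
    # Tools refers back to Machine, so browsing must tolerate cycles.
    "ns=2;s=Tools": ["ns=2;s=T1Length", "ns=2;s=T1Radius", "ns=2;s=Machine"],
}
VALUES = {"ns=2;s=SpindleSpeed": ("Double", 1200.0),
          "ns=2;s=T1Length": ("Double", 75.2), "ns=2;s=T1Radius": ("Double", 4.0)}

class StubServer:
    def __init__(self, max_nodes_per_read):
        self.limit, self.read_calls = max_nodes_per_read, 0
    def browse(self, node_id):
        return [(c, "Variable" if c in VALUES else "Object")
                for c in CHILDREN.get(node_id, [])]
    def read(self, node_ids):
        # Like a real server, refuse a Read that exceeds MaxNodesPerRead.
        if self.limit and len(node_ids) > self.limit:
            raise ValueError("BadTooManyOperations")
        self.read_calls += 1
        return [VALUES[n] for n in node_ids]

def find_variables(server, root="ns=0;i=85"):
    """Breadth-first browse from root, visiting each node once."""
    seen, queue, variables = {root}, deque([root]), []
    while queue:
        for child, node_class in server.browse(queue.popleft()):
            if child not in seen:
                seen.add(child)
                queue.append(child)
                if node_class == "Variable":
                    variables.append(child)
    return variables

def scrape_to_csv(server):
    """Read all variables in batches within the server's limit (0 = no limit)."""
    variables = find_variables(server)
    step = server.limit or len(variables) or 1
    out = io.StringIO()
    writer = csv.writer(out)
    writer.writerow(["NodeId", "DataType", "Value"])
    for i in range(0, len(variables), step):
        batch = variables[i:i + step]
        writer.writerows((n, *attrs) for n, attrs in zip(batch, server.read(batch)))
    return out.getvalue()
```

With a limit of 1 every variable costs one Read round trip, which is why a server with several thousand variable nodes takes so long to scrape.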
Key Takeaways and the Role of Certification
This experience highlights a broader point: no standard or protocol is free from challenges when applied to diverse and evolving environments. The certification of OPC UA plays a crucial role in ensuring compliance, interoperability, and robust implementation. However, certification alone is not sufficient; periodic updates and maintenance are necessary to align with modern security and operational needs.
Collaborating with machine builders, OEMs, and industry experts proved vital in overcoming these challenges. This case also underscores the importance of tailored solutions, technical expertise, and adaptability when bridging the gap between legacy systems and contemporary requirements.
A Call for Proactive Maintenance
While OPC UA standards provide a strong foundation for interoperability, legacy devices require ongoing support and updates from machine builders and OEMs. Proactive measures—such as regular site reviews, security updates, and thorough documentation—can significantly reduce integration challenges and enhance the overall reliability of these systems.