OPC-UA Connections and Settings

Connecting to a OPC Server

An OPC-UA Connection is used to communicate with an OPC-UA compliant server, such as the one the OPC-UA module provides.

The following steps walk-through connecting Ignition (as an OPC-UA client) to a OPC-UA server:

  1. On the Configure page of the Gateway, go to OPC Connections > Servers.
    The OPC Server Connections page is displayed.

  2. Click on the Create new OPC Server Connection link.

  3. Select OPC-UA Connection from the list and click Next.
    The Discover OPC-UA Endpoints page will appear.

  4. Type in a OPC-UA endpoint for the OPC-UA Server Ignition should connect to. The format should be as follows: opc.tcp://IpAddress:PortIgnition can connect to it's own OPC-UA server's endpoint by using localhost and the default port of 4096: opc.tcp://localhost:4096A hostname could be used instead of an IP address: opc.tcp://myhostname:4096

  5. Once an endpoint has been entered, click the Discover button. A list of available Security Policies and Message Security options will appear.

    images/download/attachments/6037735/opc_ua_connections.PNG

  6. Select a Security Policy and Message Security configuration to use when connecting to the endpoint. Basic128 SecurityPolicies and SignAndEncrypt MessageSecurity are more secure than None. If available, Basic256 should be selected.

    Once an endpoint configuration has been selected, click the Next button.

  7. On the New OPC UA Connection Settings page, give the connection a name.

    Some OPC-UA servers may require a Username and Password, but this is not always the case. Check with the OPC-UA server's documentation for more details.

    By default, Ignition's OPC-UA server requires the following credentials:

    Username

    opcuauser

    Password

    password

    Once credientials have been entered, click the Create New OPC Server Connection button.

    Ignition is now connected to the OPC-UA server.

OPC-UA Server properties

Main

Name

A name used to identify this connection.

Description

Short description of this connection.

Read-only

Puts the connection into read-only mode. All writes sent to this server will fail.

Enabled

Disable the connection to the OPC server.

Authentication

Username and Password

If a username and password are specified, they are used as a user identity token when connecting to the specified OPC-UA server.
The internal OPC-UA server provided by the OPC-UA module uses an Ignition security profile to govern who can connect to it. This can be configured in the OPC-UA > Settings section.

Change Password?

Enable this property to change the configured password.

Advanced

Host Override

When specified, if the endpoint address returned by the OPC server has a different IP address or hostname than the discovered endpoint, the overridden value will be used. Expects just an IP address or hostname. Example: 192.168.1.10

Max Per Operation

Specify the maximum number of nodes to read, write, subscribe, or unsubscribe to in any given UA server request.

Failover Settings

Failover Enabled

When enabled, if this OPC-UA server connection is faulted, requests will be sent to a failover OPC-UA server.

Failover Endpoint

The endpoint of the failover server.
Example: opc.tcp://192.168.1.0:4096

Failover Threshold

The number of retry attempts before the failover connection is used.

This feature is new in Ignition version 7.8.3

Failover Settings

 

Backup Discovery URL

The discovery URL for the backup server's OPC-UA server. Expects the following format:

opc.tcp://hostname:port

Backup Endpoint URL

The full endpoint URL for the backup gateway. An example endpoint would look like the following:

opc.tcp://10.20.1.100:4096/iaopcua/Basic128Rsa15

How do I determine the Endpoint for my backup?

See step 5 in the Connecting to a OPC-UA Server guide above. Clicking the Discover button will show a list of available endpoints to connect to.

Failover Versus Backup Properties

The Failover properties should be used when a single Ignition gateway needs to connect to a pair of redundant OPC-UA servers. The failover OPC-UA server will be used in the event the primary OPC server goes down. To enable failover, set the Failover Enabled property to true, and specify the Failover Endpoint. The Failover Threshold can be adjusted if desired.

The Backup properties should be used when a pair of redundant Ignition gateways are trying to look at the same OPC-server. Both the Backup Discovery URL and Backup Endpoint URL properties need to be configured.

OPC Quick Client

You can access the OPC Quick Client from under the OPC Connections section of the Ignition Gateway Config section. It allows for quick, simple testing of any devices connected to the server.

You can browse by expanding tree nodes and read/write to tags by clicking on the [r] and [w] buttons next to those tags.

Subscriptions can be made by clicking on the [s] button. Clicking on the enable live values link will automatically refresh subscriptions and show live value changes (if there are any).

Ignition OPC-UA Server

You can see the following OPC-UA Server Settings by going to the Configure section of the Gateway and then choosing OPC-UA > Settings.

Authentication

Authentication Profile

The User Source that the OPC-UA module will use to authenticate incoming connections against. By default, this is set to the opcua-module User Source. This profile is included in the default installation and has the following as its default settings:
user: opcuauser
password: password

Allowed Roles

Roles within the given User Source that are allowed to connect to the server. Multiple roles should be separated by a comma, for example, Administrator,user,manager.

Allow Anonymous Access

If checked, will allow anonymous connections to the server. Not checked by default.

Server

Server Port

The port the OPC-UA module runs on.

Endpoint Address

This is the local address that the Ignition UA server will bind to. It is also the address that will be used in a GetEndpointResponse, so it is important that this be an address reachable by any clients that wish to connect. Requires a module restart to take effect. This is useful if the server machine has a VPN connection or multiple adapters and is returning the wrong address.

Minimum Sampling Interval

The fastest rate (in milliseconds) that the server will use to sample its underlying data sources. Requires a module restart to take effect. The default is 100.

Discovery Server

Discovery Server Enabled

Select the check box if the local discovery server should be enabled. Requires a module restart to take effect. By default, the check box is selected or True.

Expose Configured Tags

Expose Tag Providers

If enabled, Ignition tag providers will be exposed through the OPC-UA server, allowing third party clients to access the tags configured in the system. By default, the check box is not selected or False.

Other

 

Stale Threshold

The multiplier by which the server determines that updates from a driver have become stale. This period will be calculated as the fastest sampling rate for that node multiplied by this settings value. Default is 5.

Allow Untrusted Certificates

Whether or not to automatically accept incoming certificates or to rely upon them being placed into the trusted certificate list before allowing a connection. By default, the check box is selected or True.

Discovery Server

Address of the discovery server to register with. Default is localhost.

Discovery Registration Frequency

Frequency (in minutes) at which the server will attempt to register with the discovery server. Default is 10.

Auto-cast Writes

Attempt to auto-cast incoming writes to the correct DataType before rejecting them with a Bad_InvalidType StatusCode. By default, the check box is selected or True.

A Frequently Asked Question

How to I get data from my PLC?

Getting data from your PLC into Ignition is a two step process:

  1. Add a device, see Connecting to a Device.

  2. Add some tags, see Creating Tags.

It requires you to touch both the Ignition Gateway and the Ignition Designer. There are also some limitations as to what kind of devices you can connect to Ignition and these are explained throughout the user manual, however included below is an overview of what you can expect when it comes to compatibility.

Brief summary of device connection in Ignition

  • Ignition can only connect directly to devices over Ethernet.

  • Ignition can only connect directly to devices for which there is an Ignition device driver. Included drivers are:

    • Allen Bradley - ControlLogix 5500, CompactLogix, MicroLogix 11/1400, PLC-5, SLC 505

    • Siemens - S7-300, S7-400, S7-1200

    • Modbus - The Modbus driver connects to any ethernet enabled device that uses the Modbus protoco

  • Ignition can connect to third party OPC servers via OPC-UA or OPC-DA (using the OPC-COM module) for devices that do not have a supported driver.

Adding a Device to Ignition

Ignition Supported OPC-UA Device

Most commonly you will be adding a device that is supported by one of the built-in device drivers. The first step is connecting your device to Ignition. This is done through the Ignition Gateway Configuration section under the OPC-UA -> Devices page.

  1. Click "Add a device..."

  2. Select the driver for the device you wish to add

  3. When adding a device you will notice that there are some common settings that are shared by all devices. You can find an explanation of these settings here: Adding a New Device

  4. Specify any of the required device specific settings for the device (For example, hostname, etc.)

  5. Check the status of your device to see if it is connected.

As long as all the device information you entered was correct you should see your device in a "Connected" state. The only exception to this is if you chose to add a Siemens or Modbus device. Since these devices don't support the browsing of tags you will have to create and address some tags in the Ignition designer before the device will stop cycling from a connected to disconnected state.

If you need to address your tags for your Siemens or Modbus device you'll want to read about adding Tags in the Ignition Designer as well as how addressing works for the different protocols. You will have to first add a tag in the Ignition designer and then edit the OPC Item Path of the tag using the appropriate addressing scheme.

Adding Connection to 3rd Party OPC Server via OPC-UA

If your device does not have an Ignition driver, you can use a 3rd party OPC server to connect to your device and then have Ignition connect to the server as a client. If the OPC server talks OPC-UA, you can add a new OPC-UA server connection in the Ignition Gateway. Configuration will be different depending on what OPC server you are using but the following is an example of a popular solution, connecting to KEPServer via OPC-UA, see Connecting to Kepware OPC-UA.

Adding Connection to 3rd Party OPC-Server via OPC-COM

The following section provides a detailed walk-through on how to connect to an OPC server using the OPC-COM module. If Ignition doesn't have a driver for your device and you don't have an OPC server that talks OPC-UA, you have to connect using the OPC-COM module, see Connecting to OPC Classic (COM) .

Adding tags for Allen Bradley devices

Tags are how Ignition represents your PLC tags. You create Tags in the Ignition Designer and then you can use these tags to store history or display PLC data in your projects.
For the most part, Allen Bradley devices support browsing of tags in the PLC. There are a few exceptions like the MicroLogix 1200/1500 for which you have to manually address your tags. For now we will focus on creating tags from devices that support browsing.

  1. Open the Ignition Designer.

  2. Drag desired tags from the OPC Browser to the Tag Browser as described here: Creating Tags (if you don't know what Tag Provider means don't worry, merely drag them into the Tags folder). You should now see some tags in the Tag Browser that show the current values of the respective tags in your PLC. Don't stop here. You should read through the related links below so you can learn more about Tags and how they work.