Multi-level user and role concept for a secure plug-and-work based on OPC UA and AutomationML
A frequently denominated use case of Industrie 4.0 is plug-and-work. This use case not only requires the technical base to determine how and what information has to be exchanged during the startup of software and hardware components in the production environment, but also deals with very sensitive information which results in a high demand to secure these. In consequence, plug-and-work mechanisms which base on industrial standards such as AutomationML (IEC 62714) which defines what will be transferred and OPC UA (IEC 62541) which defines how to communicate must be embedded in a confidential environment to secure confidential information meeting the demands of the end user, e.g. plant operators. To this end, the combination of both, OPC UA and AutomationML, must face security issues. A role-based security concept based on both standards and implemented in a software tool is discussed in the present paper.