OPC-UA standard for industrial data exchange guide

OPC-UA (OPC Unified Architecture) is a platform-independent industrial communication standard that provides secure, reliable data exchange between industrial devices, control systems, and enterprise applications. It is important for Industry 4.0 because it provides the semantic interoperability that simpler protocols like Modbus and MQTT lack — OPC-UA devices describe their own data structure, types, and relationships, enabling automated integration. It is the backbone of most digital twin, IIoT, and smart manufacturing initiatives because it connects the shop floor to the cloud with built-in security and a standardised information model.

OPC Classic (OPC DA, OPC HDA, OPC A&E) was Windows-only, relied on Microsoft's DCOM technology (which created significant firewall and security challenges), had no built-in information modelling, and was not suitable for cloud or mobile deployments. OPC-UA is platform-independent (runs on Windows, Linux, embedded systems, cloud), has no DCOM dependency, includes built-in security (TLS, certificates, RBAC), and provides a rich information model with semantic context. OPC-UA is also backwards-compatible with OPC Classic via OPC-UA COM Wrappers for legacy integration.

Companion specifications are industry-specific extensions to the base OPC-UA information model that define standardised data structures for specific equipment types or industries. For example, the OPC-UA for Robotics companion spec defines standard nodes for robot joints, axes, and status. The umati (universal machine tool interface) initiative builds on OPC-UA for Machinery to standardise machine tool data. When a machine supports a companion spec, any compliant OPC-UA client can browse and understand its structure without custom integration, dramatically reducing integration effort.

OPC-UA Pub/Sub is an extension to the standard that adds a publish-subscribe communication model, allowing OPC-UA data to be published to message brokers (MQTT, AMQP) or via UDP multicast without persistent connections. Use Pub/Sub when you need to scale to large numbers of data sources (edge gateways sending data to cloud), when devices are intermittently connected, or when you need to feed multiple consumers with the same data stream. Use the traditional client-server model for direct bidirectional communication with machines — reading values, writing setpoints, and calling methods on PLCs and SCADA systems.

OPC-UA security operates at three levels: transport (TLS for channel encryption), message (signing and optional encryption at the application protocol layer using X.509 certificates), and access control (user authentication via username/password, certificates, or Kerberos, plus role-based access control at the node level). Every OPC-UA server and client has an application certificate. Sessions are established only after mutual certificate validation. In production, always use "Sign & Encrypt" security mode with a modern algorithm (Basic256Sha256 or Aes256Sha256RsaPss). Security is part of the specification, not an optional add-on.

SDK choice depends on your deployment target. For embedded Linux or microcontroller deployments, open62541 (C/C++) is the most widely used and has a small footprint. For edge gateway development in Node.js, node-opcua is mature and well-documented. For Python-based analytics or data pipeline integration, asyncua provides async support. For Java-based enterprise integration platforms, Eclipse Milo is the standard choice. For .NET/C# enterprise applications, the OPC Foundation's official OPC UA .NET Standard library is the reference implementation. For managed cloud integration, AWS IoT SiteWise and Azure IoT Edge OPC Publisher handle OPC-UA ingestion without custom SDK development.

OPC-UA is typically the data source layer in a digital twin architecture. OPC-UA servers embedded in PLCs, SCADA systems, or industrial PCs expose machine data via the information model. An OPC-UA client on an edge gateway subscribes to relevant nodes and publishes the data (often via OPC-UA Pub/Sub over MQTT) to cloud ingestion pipelines. Stream processing translates OPC-UA JSON payloads into the digital twin platform's data model (DTDL, AAS, or proprietary). The semantic richness of the OPC-UA information model — with typed nodes, units, and relationships — significantly reduces the manual configuration needed to build an accurate digital twin.

umati (universal machine tool interface) is an initiative by the VDW (German Machine Tool Builders' Association) and a consortium of machine tool manufacturers to standardise machine data exchange using OPC-UA companion specifications. It defines standard OPC-UA information models for CNC machines, covering spindle data, feed axes, program execution status, and production counts. A machine tool that supports umati exposes a standardised OPC-UA interface that any compliant MES or digital twin platform can connect to without custom integration, dramatically reducing the cost of shop floor connectivity for manufacturing companies.