The OPC UA DA Collector

OPC UA Data Access (DA) Collector for Windows

The OPC UA Data Access (DA) collector gathers and collects data from any OPC UA 1.0-compliant OPC UA DA server (such as CIMPLICITY). The OPC UA DA collector automatically determines the capability of the OPC UA DA server to which it is connected, and supports the appropriate features based on this information.

This manual refers to the Microsoft Windows edition of the OPC UA DA collector.

OPC UA DA Collector Feature Summary

The following table outlines the features of the OPC UA DA collector.

Table 1. DA Collector Features
FeatureCapability
Browse Source for Tags Yes (on an OPC UA DA collector that supports browsing)
Browse Source for Tag Attributes Yes
Polled Collection Yes Minimum Poll Interval 100 ms
Unsolicited Collection *Yes
Timestamp Resolution 1ms
Accept Device Timestamps Yes
Floating Point Data Yes
Integer Data Yes
String DataYes
Binary Data Yes
Python Expression TagsYes
Note: If you are using an OPC UA DA collector with unsolicited data collection and have collector compression disabled, all new values should produce an exception. When the OPC UA DA collector is doing unsolicited collection, the deadband percentage is determined by the collector deadband percent. You can only configure the collector deadband percent by enabling compression.

You must set Time Assigned by field to Source if you have unsolicited tags getting data from an OPC UA DA collector.

Tag Attributes Available when Browsing

While some of these attributes are queried on a browse, they are not shown in the browse interface. These attributes are used when adding a tag, but it is not visible to you whether all attributes come from the server or not.

The following table outlines tag attribute availability when browsing.

Table 2. Tag Attributes
AttributeCapability
Tagname Yes
Source Address Yes
Engineering Unit Description Yes, varies by the OPC UA Server vendor.
Data Type Yes.
Hi Engineering Units Yes, varies by OPC UA Server vendor.
Lo Engineering Units Yes, varies by OPC UA Server vendor.
Is Array Tag Yes
Hi Scale No
Lo Scale No

Recommended Data Types

The following table lists the data types recommended for use with Historian.

Table 3. Recommended Data Types
OPC UA DA Collector Data Type Recommended Data Type in Historian
OpcUaType_NullihTKVariableString
OpcUaType_BooleanihTKBool
OpcUaType_SByteihTKByte
OpcUaType_ByteihTKByte
OpcUaType_Int16ihTKInteger
OpcUaType_UInt16ihTKUInt16
OpcUaType_Int32ihTKDoubleInteger
OpcUaType_UInt32ihTKUInt32
OpcUaType_Int64 ihTKInt64
OpcUaType_UInt64ihTKUInt64
OpcUaType_FloatihTKFloat
OpcUaType_DoubleihTKDoubleFloat
OpcUaType_DateTimeihTKVariableString
OpcUaType_Guid ihTKDataTypeUndefined
OpcUaType_StatusCode ihTKDataTypeUndefined
OpcUaType_StringihTKVariableString
OpcUaType_ByteStringihTKDataTypeUndefined
OpcUaType_XmlElementihTKDataTypeUndefined
OpcUaType_NodeId ihTKDataTypeUndefined
OpcUaType_ExpandedNodeIDihTKDataTypeUndefined
OpcUaType_DiagnosticInfo ihTKDataTypeUndefined
OpcUaType_QualifiedNameihTKDataTypeUndefined
OpcUaType_LocalizedTextihTKDataTypeUndefined
OpcUaType_ExtensionObject ihTKDataTypeUndefined
OpcUaType_DataValueihTKDataTypeUndefined

Configuring an OPC UA DA Collector

About this task

Configure values using the OPC UA Collector Maintenance - Configuration section.

Procedure

  1. Select an OPC UA DA collector from the list on the left of the Administrator Tool Collectors section.
  2. Select Configuration.
    The following page appears.

  3. Enter values for the collector-specific field parameters.
    Field Description
    OPCUA Server URI

    Format: opc:tcp://localhost:12345

    This field represents the OPC UA Server URI to which the collector connects. By default, it points to the local host. If this field is updated, the collector must be restarted for the update to take effect.
    Note: This field requires a Unified Resource Identifier (URI), which is a superset of the Uniform Resource Locator (URL). The OPC UA-Server has a URI (not URL), which you must enter in this field.
    Secured Connectivity When enabled, this field ensures secured connectivity between the OPC UA Server and the OPC UA DA Collector. By default, this field is disabled (false).

    The secured connectivity can be established by Using certificates or User authentication.

    If the Secured connectivity is ???true and Enable User Security is unchecked (false), the secured connectivity will be established by using certificates.

    If the Secured connectivity is ???true and Enable User Security is checked (true), the security connectivity will be established by User authentication.
    Note: Ensure that the client certificate is added to the OPC UA Server's Trusted list. This is applicable in either of the cases.

    Enable User Security

    		 When enabled, this field allows you to enter Username and Password credentials to authenticate the connection to the OPC UA server. You must provide OPCUA Server???s user name and password.

    If the username and password is not provided, then the collector will pick the username and password from the ClientConfig.ini file. Refer to the section below for a detailed description on ClientConfig.ini file.

    The collector must be restarted, if any changes are made in the collector configuration or ClientConfig.ini file.

What to do next

Using ClientConfig.ini

All the security related configuration for OPC UA collector to establish secured connectivity to OPC UA server will be done by using ClientConfig.ini file. This file is located in C:\Program Files\GE Digital\Historian. The OPC UA DA Collector\Server64 ClientConfig.ini file has options to select Trust Certificate type, Security Policy, Security Mode, Username and Password. There are default values provided, however these can be configured accordingly.

Sample ClientConfig.ini file: 
[UaClientConfig] 
ApplicationName =OPCUACollector
;TrustCertificate value (only used in secured connection): 
; 0 (No trust), 
; 1 (Trust temporarily) 
; 2 (Default, trust permanently and copy the server certificate into the client trust list) 
TrustCertificate =2 
; Security Policy - Only applicable if TrustCertificate value is 2 
; 0 (http://opcfoundation.org/UA/SecurityPolicy#None ) 
; 1 (http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15) 
; 2 (http://opcfoundation.org/UA/SecurityPolicy#Basic256) 
; 3 (http://opcfoundation.org/UA/SecurityPolicy#Aes256_Sha256_RsaPss)
; 4 (http://opcfoundation.org/UA/SecurityPolicy#Aes128_Sha256_RsaOaep)
; 5 (http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256)
SecurityPolicy =2
Note: If you want to change the security policy, update the value of SecurityPolicy in the ClientConfig.ini document located at C:\Program Files\GE Digital\Historian OPC UA DA Collector\Server64\, Where C is the installation drive. By default, the value of SecurityPolicy will be 2.
; SecurityMode 
; 0 None 
; 1 Sign 
; 2 SignAndEncrypt 
SecurityMode =0 
CertificateTrustListLocation =/[ApplicationPath]/pkiclient/trusted/certs/ 
CertificateRevocationListLocation =/[ApplicationPath]/pkiclient/trusted/crl/ 
IssuersCertificatesLocation =/[ApplicationPath]/pkiclient/issuers/certs/ 
IssuersRevocationListLocation =/[ApplicationPath]/pkiclient/issuers/crl/ 
ClientCertificate =/[ApplicationPath]/pkiclient/own/certs/uaclientcpp.der 
ClientPrivateKey =/[ApplicationPath]/pkiclient/own/private/uaclientcpp.pem
RetryInitialConnect               =true
AutomaticReconnect                =true 
Username =admin 
Password =admin
Note: The RetryInitialConnect parameter is used to retry connecting to the OPCUA DA server when the collector fails to connect to the server initially. The AutomaticReconnect parameter is used to retry connecting to the OPCUA DA server when the collector fails to connect to the server subsequently.

Adding a Client Certificate to the Trusted List

About this task

When Secured Connectivity is enabled between the OPC UA DA server and the OPC UA DA collector, a Client Certificate must be added to the OPC UA Server's Trusted certificates list.

Procedure

  1. Start the OPC UA Server in secured mode. (The OPC UA DA collector does not start.)
  2. Locate the local/remote server's install location on the machine where the OPC UA server is running. Usually, it is \ProgramFile\OPC UA Server Name.
  3. Locate the Rejected folder.
  4. Locate the client certificate within the Rejected folder.
  5. Copy and paste the certificate into the Trusted list for the OPC UA Server. To locate the folder with the Trusted certificate, refer to your OPC UA Server documentation.
  6. Restart the OPC UA DA collector.

Browsing for Tags in a Hierarchical structure

About this task

If your OPC UA Server supports hierarchical organization of tags in a tree structure, then Historian will use the server's hierarchy when browsing tags in a Collector in the Non-Web Administrator.

Procedure

  1. From the Collector drop-down list, select the OPC UA DA collector you wish to browse.
    1. To limit the displayed tags to only those that are not collected, select Source Tags Not Collected from the Show Only list.
    2. To limit the displayed tags to match a tag name or tag description, enter the value to match in the Source Tag Name or Description text boxes.
    A hierarchical tree appears in the Browse Results window.
  2. Navigate to the node in the tree you want to browse and then select Browse.
    1. To browse automatically, select the AutoBrowse check box. The available tags display in the Browse Results window whenever a node is selected in the tree.
    2. To show all child elements within a hierarchy, enable the Show All Children check box. All tags at or below the hierarchical level of the selected node in the tree will appear in the Browse Results window.
    The tags within the selected portion of the tag hierarchy will be displayed.
  3. Select the tag(s) you want to add to Historian, and select Add Selected Tags.
    Collected tags appear in black text in the tag list.

About OPC UA DA Collector Groups

It is a best practice to limit the number of OPC UA DA collector groups created by the Historian system to increase performance. To limit the number of OPC UA DA collector groups created on the OPC UA DA server, group Historian tags collected by the OPC UA DA collector using the fewest number of collection intervals possible.

Troubleshooting

The OPC UA DA collector generates log files during initialization, configuration, and general operation. These can be found in the general logging folder C:\Proficy Historian Data\LogFiles

Troubleshooting Tips

In case the collector does not connect to OPC UA DA server or tags are not displayed:

  • Ensure that the certificate is added to Trusted list following Adding a Client Certificate to the Trusted List section.
  • Ensure that you have provided a valid User name and Password credentials
  • Restart the collector whenever there is any change made to the configuration using Historian Administrator or ClientConfig.ini
  • Check that secured Connectivity is true and Enable User security is checked to have connection with User Authentication.
  • Ensure that the Source Server supports Security Policy and Security Mode whenever user sees ???Matching of secure endpoint not available between server and collector error message in the Log File.
  • Ensure that the RetryInitialConnect and AutomaticReconnect parameters are set to true in the ClientConfig.ini file.