Cyber Security Risks of aspects of operations of OPC Unified Architecture

OPC Unified Architecture (OPC UA) is a new OPC standard that is the successor of OPC Classic, and it has various security features. Generally, OPC UA is considered to be secure, but if it is not appropriately implemented or configured, there might be cyber risks. In this research, evaluate the cyber risks of OPC UA using several OPC UA products. We focus on security features of OPC UA: application authentication, user Authentication, encryption, and signing. We will show the evaluation result under each typical security configuration in several OPC UA products, then introduce points of attention for OPC UA security configurations and operations based on the evaluation result. Cyber risks and corresponding measures described in this research should be conscious by OPC UA product venders, system integrators and operators of Industrial Control System.