Welcome to the Industrial Automation website!

NameDescriptionContent
XING-Automation
E-mail  
Password  
  
Forgot password?
  Register
当前位置:

OMRON NJ/NX OPC UA Configuration Guide

F: | Au:FAN | DA:2026-05-07 | 340 Br: | 🔊 点击朗读正文 ❚❚ | Share:

In the 'Node Settings', you can control whether to' expand structure members' and 'expand array elements'.

When selecting 'expand', each member of the structure or each element of the array will be published as an independent node, making it easier for the client to read and write finely. Choosing 'not expand' will treat the entire node as a whole, with a smaller communication load.

Deep Analysis of Security Models

The core advantage of OPC UA lies in its security. The NJ/NX controller implements multiple layers of security mechanisms to ensure that only authorized clients and users can access data.

3.1 Application authentication: Handshake based on X.509 certificate

This is authentication between the server and the client.

Server certificate:

The CPU unit serves as a server and holds a self signed certificate.

Automatic generation: After setting OPC UA to "use" for the first time and restarting, the system automatically generates a certificate using the IP address of the current built-in EtherNet/IP port. Its validity period is usually 20 years.

Manual regeneration: When a 'server certificate mismatch' or IP address change occurs, the certificate must be manually regenerated. Operation path: In online mode, right-click on OPC UA server settings ->server certificate ->regenerate certificate. DN information (organization, city, country, etc.) and validity period can be modified here.

Export: After generating a new certificate, it must be saved as a. der file using the "Export" button and installed on all OPC UA clients that allow connections.

Client certificate:

The client needs to prove its identity to the server.

Import: Administrators can add trusted client certificates (. der files) to the "Trusted Certificate List" of the controller.

Auto Reject: If an unregistered client attempts to connect, its certificate will be automatically placed in the "Reject Certificate List" and the connection will be rejected. The administrator can move the certificate from this list to the trusted list in the future to authorize the client.

3.2 User authentication: Control operation permissions

In addition to device authentication, operator authentication can also be performed.

Username/Password: Administrators can add up to 20 users in "Security Settings". Username (4-32 characters) and password (8-32 characters) are case sensitive.

Anonymous login: You can choose "disable" or "allow". For security reasons, it is recommended to prohibit anonymous login in actual production environments.

Role function (supported in higher versions):

Different users can be assigned roles (Observer, Operator, Maintainer, Designer, Administrator).

The hierarchical progression of role permissions. For example, Observer can only browse and read, not write; And Operator and above can execute methods and write variables.

Even the required roles can be set for different namespace nodes to achieve fine-grained permission control.

3.3 Message Security Strategy: Encryption and Signature

In the "Security Policy" section of the "Security Settings", you can define the communication encryption modes allowed by the server.

None: Not recommended for use in production environments.

Signature: Only sign the message to ensure data integrity (tamper proof), without encryption.

Signature and Encryption: Simultaneously sign and encrypt the message to ensure integrity and confidentiality (anti eavesdropping).

Algorithm selection: Supports Basic128Rsa15, Basic256, Basic256Sha256, as well as newer Aes128Sha256RsaOaep and Aes256Sha256RsaPss.

Best practice: For security reasons, clear the "none" and weaker Basic128Rsa15 options, and choose "sign and encrypt" combined with strong algorithms.


Client Connection and Data Interaction

After completing the server-side configuration, the OPC UA client can connect.

Connection URL: The client needs to use the URL defined in the "endpoint" for connection, such as OPC tcp://192.168.250.1:4840/ .

Security negotiation: The client must choose the security policies and modes allowed by the server.

User login: Depending on the server settings, provide a username/password or perform anonymous login.

Address space browsing: After a successful connection, the client can browse the address space. The typical structure is Objects ->DeviceSet ->[Controller Name] ->GlobalVars, where all published variables can be seen.

Read and write operations: The client can read or write to specific nodes. Write permission is subject to a combination of variable attributes (such as constants), user roles, and node security policies.

Operation, maintenance, and troubleshooting

5.1 Start and Stop

Startup: As mentioned earlier, it automatically starts after downloading the configuration and restarting the controller.

Manual stop: You can execute the OPCUA_Shutdown command or click "Server Shutdown" on the "Server Status" page of Sysmac Studio. After stopping, the controller needs to be restarted before it can run again.

  • Basler SR32A2B05B3E Static Voltage Regulator
  • Basler Electric BE1-59N Ground Fault Overvoltage Relay
  • Basler Electric 9110000113 Excitation Module
  • Basler Electric 90-72300-114 Control Accessory
  • Basler Electric PRS-250 Protection Relay System
  • Basler Electric BE1-50/51M-109 Overcurrent Relay
  • Basler Electric SR4A1B10B3E Static Voltage Regulator
  • Basler Electric CBS 212 Current Boost System
  • Basler Electric SR32A2B05B3E Static Voltage Regulator
  • Basler Electric MOC2207 Motor Operated Potentiometer
  • Basler Electric SR4A1B05A3E Static Voltage Regulator
  • Basler Electric BE1-32R Power Relay B2EE1PA0N1F
  • Basler BEI-81 Underfrequency Relay
  • Basler CBS 212A Current Boost System
  • Basler SSR 63-12 Static Voltage Regulator
  • Basler DGC-2020 Digital Genset Controller
  • Basler BE1-32 Reverse Power Relay
  • Basler BE1-50/51B-207 Overcurrent Relay
  • Basler BE1-951 Overcurrent Protection System
  • Basler 9073800-103 Power Supply
  • Basler SCA1300-32FC CCD Camera
  • Basler 9073800-103 Power Supply
  • Basler SCA1300-32FC CCD Camera
  • Basler L304KC Protective Relay
  • Basler BE3-25-1S1N4 Time Overcurrent Relay
  • Basler 9032300113 Excitation Support System
  • Basler BE1-59N Ground Overvoltage Relay
  • Basler MVC-300 Manual Voltage Control Unit
  • Basler MOC2102 Potentiometer
  • Basler BE1-87G Generator Differential Relay
  • Basler Electric DECS-200 Digital Excitation Control System
  • Basler Electric DECS 125-15-B2C5 Digital Excitation System
  • Basler Electric PLA2400-12GM Power Supply
  • Basler Electric BE1-50/51B-235 Overcurrent Relay
  • Basler Electric BE1-27/59 Undervoltage Overvoltage Relay
  • Basler Electric CEM-2020 Contact Expansion Module
  • Basler Electric BE1-32R Solid State Power Relay
  • Basler Electric BE1-700 Digital Generator Management Relay
  • Basler Electric BE1-59N Ground Fault Overvoltage Relay
  • Basler Electric BE10493002 Protection Module
  • Basler Electric BEI-79A1AA5CA3M1F Digital Annunciator
  • Basler Electric SSR 32-12 Static Voltage Regulator
  • Basler Electric BE1-CDS240 Current Differential System
  • Basler Electric BE1-67 Directional Overcurrent Relay
  • Basler Electric 9121000106 DECS-100 Voltage Controller
  • Basler Electric BEI-871 Interface Module
  • Basler Electric 8650C72 Exciter Control Module
  • Basler Electric RDP-110-S1 Generator Annunciator
  • Basler Electric BE1-32O/U Directional Power Relay
  • Basler Electric BE2000E AVR Voltage Regulator
  • BASLER ELECTRIC BE1-50F2EA1PA0N0F Instantaneous Overcurrent Relay
  • BASLER ELECTRIC BE1-81T1EE1WA0N1F Underfrequency Relay
  • Basler BE1-67 Directional Overcurrent Relay
  • Basler BE1-25/79TR Reclosing Relay
  • Basler CEM-2020 Contact Expansion Module
  • Basler BE1-11 Overcurrent Protection Relay
  • Basler BE1-GPS Generator Protective Relay
  • BASLER ELECTRIC MVC-300 MANUAL VOLTAGE CONTROL UNIT 9121000106
  • Basler Electric KR2FF Voltage Regulator 9 1163 00 109
  • BASLER ELECTRIC BE1-87G-G1E-A1K-A0N0F Generator Differential Relay
  • Basler BE1-47NE3EA1PA0N2F Phase Sequence Relay
  • Basler BE1-81-T1E-E1C-B0N1F Frequency Relay
  • Basler DECS125-15 Excitation Control
  • Basler BE1-25 Sync-Check Relay
  • Basler BE1-50/51B Overcurrent Relay
  • Basler BE1-40Q Loss of Excitation Relay
  • Basler BE1-50/51M-104 Overcurrent Relay
  • Basler SSE-N 250-9 KW Shunt Exciter Assembly
  • Basler BE1-87T Transformer Differential Relay
  • Basler BE1-60 Solid State Protective Relay
  • Basler DECS125-15 Excitation Control System
  • Basler SR4A-2B15B3A Static Voltage Regulator
  • Basler BE150BF Overcurrent Relay
  • BASLER ELECTRIC BE1A1HF1JD1S2F Overcurrent Relay
  • Basler BE1-81O Under/Over Frequency Relay
  • Basler EDM-200 Exciter Diode Monitor
  • Basler DECS125-15-B2C5 Excitation Control
  • Basler 9261402100 PCB Board
  • Basler 9252000107 Overcurrent Relay
  • Basler BE1-87T Solid State Protective Relay
  • Basler Electric Phase Directional Overcurrent Relay BE1-Z2JA0N2F
  • Basler SSR125-12 Static Voltage Regulator
  • Basler Electric KR7F VOLTAGE REGULATOR 9116200100
  • BASLER ELECTRIC BE1-59N-A8E-E1L-N0S1F Ground Overvoltage Relay
  • Basler SR8A2B06B3A Static Voltage Regulator
  • BASLER ELECTRIC BE1-81O/UT3EE1KA7N1F Under/Over Frequency Relay
  • Basler MOC2107 Output Module
  • Basler 9125600102 Control Module
  • BASLER ELECTRIC BE1-81T1EE1EA2N0F
  • Basler BE3-25A Time Overcurrent Relay
  • Basler Electric CBS 212 Current Boost System 9 2650 00 100 120/240 VAC 50/60Hz
  • Basler Electric BE1-27 Under Voltage Relay A3EC1JA0N5F
  • Basler BE1-32R Power Relay B2EE1PA0N1F
  • Basler DECS100-B15 Automatic Voltage Regulator
  • Basler SR8A-2B15B3A Static Voltage Regulator
  • Basler AVC63-4 Analog Voltage Regulator
  • Basler UFOV 260 A Overvoltage Module
  • Basler SR4A-2B16B3A Static Voltage Regulator
  • Basler SR4A-2B16B3E Static Voltage Regulator
  • Basler SCA1300-32GM CCD Camera
  • Basler BE34062001 G18 Transformer
  • Basler BE1-87T Transformer Differential Relay
  • Basler 9 2849 00 101 DECS Power Module
  • Basler RAL6144-16GM Line Scan Camera
  • Basler 9269101107 Voltage Regulator Board
  • Basler BE1-851 Overcurrent Relay
  • Basler SR32A-2B13B3E Static Voltage Regulator
  • Basler 9 2007 00 100 Current Boost System CBS 305
  • Basler DECS-100-B11 Automatic Voltage Regulator
  • Basler BE127 Under Voltage Relay
  • Basler 3300C03B1028-G01 Spike Suppressor
  • Basler SSR 125-12 Static Voltage Regulator
  • Basler SCA1300-32GM CCD Camera Lens Enclosure
  • Basler BE32965001 Transformer Timer Kit
  • Basler D90 96801 100 PCB Card
  • Basler BE1-81-T1E-E1C-A0N1F / 9106400 Underfrequency Relay
  • Pro-Face Basler AGP3600-T1-D24 HMI Touch
  • Basler SR4A2B10B1A Static Voltage Regulator
  • Basler SR8A2B05B3A Static Voltage Regulator
  • Basler BE1-25 Time Overcurrent Relay M1FA6PA4S0F
  • Basler SR4A2B05B3E Static Voltage Regulator
  • Basler DECS-200-2L Digital Excitation Control
  • Basler BE303280001 Control Transformer
  • Basler 9262103004 Voltage Regulator Board For Basler DECS-400
  • Basler ICRM-7 Inrush Current Reduction Module
  • Basler BE1-32R Power Relay
  • BASLER ELECTRIC KR4F VOLTAGE REGULATOR 9042600100 600V 50/60Hz
  • Basler 9222600101 Power Module