Contact Us    1-800-249-1612  

Newsletter Issue # 27

Real Time Automation's - Best Darn Newsletter 

Human Contact, Offline Style
The Secrets Within OPC UA Clients
Fun Facts and Trivia

Get a free RTA cowbell this month only!

Take our quick, 4 question survey by December 30th to claim your steal of the month!

November 2015
Ivan in IT and His Paranoia about Cloud Communications
October 2015
EtherNet/IP Big Data Part 2
September 2015
EtherNet/IP Big Data
September 2015
Modbus Conformance



Practical tips and information for young engineers. This issue, featuring:

- The Internet of Things Revisited



Human Contact, Offline Style

A Column of personal opinion by John Rinaldi, Founder and Owner of Real Time Automation.

I recently watched the 2002 movie “Life or Something Like It,” where Angelina Jolie plays Lanie, a newscaster who meticulously plans and designs every moment to further her image, career and personal life. That is until the day a local prophet-like character proclaims to Lanie, “Tomorrow it will hail, the Seahawks will win on Sunday, and next Thursday you’re going to die.” Shaken to her core, she has to confront who she is, what she is doing here and how she wants to live her life.

It struck a chord with me because I’ve found that storyline to be so true. Being confronted with imminent mortality focuses us on what’s important, like nothing else can. My neighbor, the self-nicknamed “Larry the smoker,” is a great example. His whole identity was smoking; he had rituals built around his smoking; he could not conceive of life without cigarettes - that is, until the day he developed esophageal cancer. Within 24 hours Larry had a new focus and a new meaning for his life.

Most of us are like Larry to some degree or another. Sometimes it takes the death of a family member, or a larger-scale tragedy, to remind us how precious life is, such as when a surge of babies were born nine months after 9-11. We need to feel alive and connected. We need to touch all that is uniquely human.

Unfortunately, today’s society feeds us technology that is the antithesis of the real human experience. The deluge of email, texting, Facebook and other social media can lead to disconnection as the convenience of impersonal technology replaces face-to-face encounters. But online communities don’t provide the full range of support possible in the human experience. Sometimes they can even reflect or nurture a narcissistic attitude.

A few days ago I was at the Louvre in Paris. I wanted to experience the Mona Lisa – one of the most beautiful paintings in the world in probably the finest museum in the world. Apparently I was the only one. Everyone else, selfie stick in hand, jockeying for a position, just wanted a selfie with da Vinci’s masterpiece. For them, seeing the Mona Lisa isn’t valuable unless all your Facebook friends can see you at the Louvre with the Mona Lisa.

Most of us enjoy sharing these kind of life highlights online, but have you ever wondered why almost no one shares their personal disappointments or tragedies on Facebook? When burdened with a failing marriage or a life-threatening illness, do people turn to their Facebook friends? No, that’s when we turn to real human company, to see and feel empathy. We need to know we’re understood. We need the eye contact, the comfort of a hand squeeze or a hug.

As such, online technologies can encourage us to aggrandize our lives: Great kids, great vacations, great jobs, great family lives. It forces us into an unhealthy competition, a competition that actually trivializes our lives. It’s dehumanizing.

At the end of the movie “Life or Something Like It,” Lanie realizes she’s built an artificial life around the things that were supposed to make her happy but never did. Faced with her mortality, she discarded all that to find herself, happiness and a meaningful life.

In this Thanksgiving and Christmas season I don’t have any greater wish for you than to find yourself, to find your happiness, and to live a truly meaningful life.

Happy Thanksgiving and Merry Christmas!


- John



· Name Santa’s reindeer.

· The poinsettia, one of the most popular Christmas plants, grows naturally in what country?

· Which state produces most of the US’s Christmas trees?

· What were Frosty’s last words?

· What country created eggnog?

· In the song, “Jingle Bell Rock,” where is everyone dancing and prancing?


Answers located on bottom of page.

The Secrets Within OPC UA Clients

Everyone loves secrets. No one loves secrets more than my granddaughter. I had an empty box in my desk at home and she pestered me for an hour about what might be in that box. And I loved torturing her.

There aren’t a lot of secrets in Industrial Automation, but OPC UA Clients have so much functionality that some of it seems like ‘secrets.’ Today, I’m going to let you in on those secrets.

Let’s start by talking about what a Client is. In most industrial networking technologies, there is a controlling device, one that connects to and controls one or more end devices. In Profinet IO, for example, this device is known as an IO Controller and in EtherNet/IP it’s called a Scanner. No matter what it’s called, that device is configured by the user to open connections with one or more end devices, send outputs to that end device, receive inputs from that end device and, occasionally, send asynchronous command requests.

In OPC UA, a device of this type is known as an OPC UA Client. Like controlling devices in these other technologies, an OPC UA Client device sends message packets to Server devices and receives responses from its Server devices. But beyond this basic functionality, an OPC UA Client device is fundamentally more sophisticated than controllers in other technologies.

Extended Functionality Included in an OPC UA Client:

  • Use of a Discovery process to find eligible Servers on the network.
  • The capability to find available Servers in a standard way and identify the Server’s application type, application name, and set of hostnames it supports.
  • The capability to message a Server on a special non-operational endpoint that exists to provide information like the security mode (signed or encrypted messages), the Server’s security policy, the transports it supports, and the Server’s Application Instance Certificate.
  • Creation of authenticated connections with the Server using the security mode supported by the Server (or an unsecure connection if the Server doesn’t support security).
  • Creation of secure and authorized logical communication sessions with Servers using the security mode supported by the server.
  • Evaluation of the capability of the Server to perform required services for the Client application by inspecting the Server’s software certificate.
  • Sending message requests to Servers requesting the execution of one or more of the service requests supported by the Server.
  • Configuring the Server to notify the Client of alarm conditions, program outputs and data changes.

How OPC UA Clients Find OPC UA Servers
In most industrial and building technologies, you can’t search for Servers on the network. Normally, some “out-of-band” configuration occurs using a dedicated vendor -specific tool or a configuration web page. Unlike these technologies, OPC UA contains a built-in Discovery process where Clients can find and connect to Servers without user intervention. The Discovery process is field configurable by the user, as some installations may not want to expose their Servers, and other installations may want to restrict a Server to communications with specific Client devices.

Every Client has its own process for discovering servers, but there is a set of options that an OPC UA Client can use:

  • Get the Server’s information directly from the Server. Get the hostname of the Server from the user at the installation using some out-of-band mechanism.
  • Get Server information from a Local Discovery Server (LDS) on the same host as the Client
  • Get Server information from LDS Servers on external hosts. The hostnames for these servers would be obtained from the user at the installation using some out-of-band mechanism.
  • Get Server information from external LDS-ME (Multicast Extension) Servers. The hostnames for these servers would be obtained from the user at the installation using some out-of-band mechanism.
  • Search the address space of a Global Discovery Server (GDS) for information on available Servers.

The primary OPC UA service for discovering Servers is the FIND SERVERS service. A FIND SERVERS request directed to a non-Discovery Server returns the application description of that Server.

How Clients Access Server Devices
Once a host has identified a Server of interest and has the Discovery Endpoint and product information, its next step is to identify what Transports and Security that device supports. To get that information, the Client issues the GET ENDPOINTS request. The response to that request is an array of structures called the Endpoint Description.

The Endpoint Description consists of the Application Description for the Server, the Server’s Application Instance Certificate, the Server’s Security Mode, and the Transport supported on each endpoint supported on the Server. The Client device examines all the endpoints available in the Server and selects the one best suited for its application.

How a Client Connects to a Server
Once an endpoint is chosen, the OPC UA Client must make three connections before it can begin to issue Service requests to a Server. First, the Client must make a connection to the Server using the Transport assigned to that endpoint. (Transport options are HTTPS, HTTP and UA TCP, but that list is going to expand as time goes on.)

Second, the Client must establish a secure communication path between itself and the Server device. This connection, a “channel” in OPC UA terms, is a long-running, secure, authenticated connection between the Client and the Server. The channel connection is a device-to-device communication path. The channel authenticates each side in that communication path, and exchanges the keys needed for secure communications between the Client and Server. The keys to encode and decode the secure messages are specific to the security profile implemented on the selected endpoint.

Once the channel is authorized, the final step is for the Client to establish a logical connection with the Server called a session. The session is a long-term, authorized connection between two applications. Sessions are not active until enabled by a Client request. Once enabled, a session can remain open even if the underlying secure channel is closed. In that case, another channel can be created to host that open session. In fact, the Client can access the session from any channel. Sessions typically have a lifetime, and the Client must renew a session before the “homeless” session’s lifetime expires and it is deleted.

Where the channel processing serves to authenticate the devices operating over the connection, sessions serve to authorize the Client application to access the Server application. Servers can reject channel requests or session requests for a whole host of reasons. Servers may have numerous reasons for rejecting these requests, but that approval or rejection is application-dependent and outside the scope of OPC UA.

Once both the channel and session are created, a Client device can begin to access the Address Space of the Server. The various ways a Client can access the Server’s Address Space is a subject for a future article… Stay tuned for further spilling of OPC UA Client secrets!

Learn more about OPC UA by reading the easiest book on OPC UA. Find out more at :





Fun Facts

·According to Roto-Rooter, Black Friday is the busiest day of the year for residential plumbers due to “system overload.”

·The smell of pumpkin pie is a natural aphrodisiac.

·Turkeys can have heart attacks. When the Air Force was conducting test runs and breaking the sound barrier, fields of turkeys would drop dead.

·A group of wild turkeys is called a flock, while a group of domesticated turkeys is commonly referred to as a rafter.



  Trivia Answers: Dasher, Dancer, Prancer, Vixen, Comet, Cupid, Donner, Blitzen, Rudolph; Mexico; Oregon; I’ll be back again someday; England; Jingle Bell Square

Need help? Call our Expert Support Team: 1-800-249-1612