MADCAD.com - The Cloud-Based Reference Library

Not a subscriber? Register for a trial account.

Username:
Password:

Incorrect username/password.

Already a subscriber?

MADCAD.com Free Trial

Sign up for a 3 day free trial to explore the MADCAD.com interface, PLUS access the
2009 International Building Code to see how it all works.

If you like to setup a quick demo, let us know at support@madcad.com
or +1 800.798.9296 and we will be happy to schedule a webinar for you.

Email *
Password *
Confirm *
First Name *
Last Name *
Title
Company Name *
Company Size *
Industry *
Address *
Address 2
City *
State *	Zip *
Country *
Phone *
How did you hear about MADCAD.com? *

⨯To continue with accurate pricing,
please select your company type below:

Large goverment organizations

Large multi-national corporation (more than $5B annual revenue)

None of the above

Your company has a special pricing case for IEEE.
For pricing, please contact us by filling out the form.

Full name*
Email*
Phone
Your selection

⨯We need your input!

Are you a code official in a jurisdiction with less than 300,000 population?

Yes No

This item is only available for the code officials of jurisdictions less then 300K population.

If you do not meet the criteria item will be removed and you will be able to continue shopping other items.

⨯ We need your input!

Your company has a special pricing case for ASME.
Please make sure the information you provide below is accurate.

Company Industry
Number Of Employees
Revenue

Pricing for the ASME publications in the store is for a 1-4 employee company in Construction Industry with revenue under $500,000.
If correct company info does not match what is publicly available info we will suspend the access and contact you for correction.
Please call 1-800-798-9296 if you have any questions.
If your company has more than 5,000 employee or more than 500 mil revenue please email us at info@madcad.com to receive a special quote, use "ASME Quote" on the subject line.

⨯ We need your input!

Your company has a special pricing case for BSI.
Please make sure the information you provide below is accurate.

Number Of Employees
Number Of Locations
Academic?
In UK?

If correct company info does not match what is publicly available info we will suspend the access and contact you for correction.
Please call 1-800-798-9296 if you have any questions.

Search book title

Search book content

Clear all filters Advanced Search Basic Search

Download File

eLibrary > IEC 62541-15 Ed. 1.0 b:2025 OPC Unified Architecture - Part 15: Safety >

IEC 62541-15 Ed. 1.0 b:2025 OPC Unified Architecture - Part 15: Safety, 2025

Expand All

TOC Search:

IEC 62541-15 Ed. 1.0 b:2025 OPC Unified Architecture - Part 15: Safety, 2025

English [Go to Page]
CONTENTS
FOREWORD
INTRODUCTION
1 Scope
2 Normative references
3 Terms, definitions, symbols, abbreviated terms and conventions [Go to Page]
3.1 Terms and definitions [Go to Page]
3.1.1 Common terms and definitions
3.1.2 Additional terms and definitions
3.2 Symbols and abbreviated terms [Go to Page]
3.2.1 Abbreviated terms from IEC 61784-3
3.2.2 Additional symbols and abbreviated terms
3.3 Conventions [Go to Page]
3.3.1 General conventions
3.3.2 Conventions for requirements numbering
3.3.3 Conventions in state machines
4 Overview of OPC UA Safety [Go to Page]
4.1 General
4.2 Implementation aspects
4.3 Features
4.4 Security policy
5 General [Go to Page]
5.1 External documents providing specifications for the profile
5.2 Safety functional requirements
5.3 Safety measures
5.4 Safety communication layer structure
5.5 Requirements for CRC calculation
6 Safety communication layer services [Go to Page]
6.1 General
6.2 Information models [Go to Page]
6.2.1 General
6.2.2 Object and ObjectType Definitions
6.2.3 DataType definition
6.2.4 SafetyProvider version
6.2.5 DataTypes and length of SafetyData
6.2.6 Connection establishment
6.3 Service interfaces [Go to Page]
6.3.1 Overview
6.3.2 OPC UA Platform interface (OPC UA PI)
6.3.3 SafetyProvider interfaces
6.3.4 SafetyConsumer interfaces
6.3.5 Cyclic and acyclic safety communication
6.3.6 Principle for "application variables with qualifier"
6.4 Diagnostics [Go to Page]
6.4.1 General
6.4.2 Diagnostics messages of the SafetyConsumer
6.4.3 Method ReadSafetyDiagnostics of the SafetyProvider
7 Safety communication layer protocol [Go to Page]
7.1 General
7.2 SafetyProvider and SafetyConsumer [Go to Page]
7.2.1 SPDU formats
7.2.2 Behaviour
7.2.3 Subroutines
8 Safety communication layer management [Go to Page]
8.1 General
8.2 Safety function response time part of communication
9 System requirements (SafetyProvider and SafetyConsumer) [Go to Page]
9.1 Constraints on the SPDU parameters [Go to Page]
9.1.1 SafetyBaseID and SafetyProviderID
9.1.2 SafetyConsumerID
9.2 Initialization of the MNR in the SafetyConsumer
9.3 Constraints on the calculation of system characteristics [Go to Page]
9.3.1 Probabilistic considerations (informative)
9.3.2 Safety related assumptions (informative)
9.4 PFH and PFD values of a logical safety communication link
9.5 Safety manual
9.6 Indicators and displays
10 Assessment [Go to Page]
10.1 Safety policy
10.2 Obligations
10.3 Index of requirements (informative)
11 Profiles and conformance units
12 Namespaces [Go to Page]
12.1 Namespace metadata
12.2 Handling of IEC 62541 namespaces
Annex A (normative) Safety namespace and mappings
Annex B (informative) Additional information [Go to Page]
B.1 CRC calculation using tables, for the polynomial 0xF4ACFB13
B.2 Use cases [Go to Page]
B.2.1 Unidirectional communication
B.2.2 Bidirectional communication
B.2.3 Safety multicast
B.3 Use cases for operator acknowledgment [Go to Page]
B.3.1 Explanation
B.3.2 Use case 1: unidirectional communication and OA on the SafetyConsumer side
B.3.3 Use case 2: bidirectional communication and dual OA
B.3.4 Use case 3: bidirectional communication and single, one-sided OA
B.3.5 Use case 4: bidirectional communication and single, two-sided OA
Annex C (informative) Information for assessment
Bibliography
Figures [Go to Page]
Figure 1 – Relationships of OPC UA safety with other standards
Figure 2 – Safety layer architecture
Figure 3 – Server Objects for OPC UA Safety
Figure 4 – Instances of Server Objects for this document
Figure 5 – Safety multicast with three recipients using IEC 62541 PubSub
Figure 6 – Safety parameters for the SafetyProvider and the SafetyConsumer
Figure 7 – Safety communication layer overview
Figure 8 – SafetyProvider interfaces
Figure 9 – Example combinations of SIL capabilities
Figure 10 – SafetyConsumer interfaces
Figure 11 – RequestSPDU
Figure 12 – ResponseSPDU
Figure 13 – Sequence diagram for requests and responses (Client/Server)
Figure 14 – Sequence diagram for requests and responses (PubSub)
Figure 15 – Duration of demand example for missed demand value in case of currently available SafetyData not being provided until second change of MNR
Figure 16 – Duration of demand example for received demand value in case of currently available SafetyData being provided
Figure 17 – Simplified representation of the state diagram for the SafetyProvider
Figure 18 – Principle state diagram for SafetyConsumer
Figure 19 – Sequence diagram for OA
Figure 20 – Overview of task for SafetyProvider
Figure 21 – Calculation of the SPDU_ID
Figure 22 – Example for the calculation of SPDU_ID_1, SPDU_ID_2 and SPDU_ID_3
Figure 23 – Calculation of the CRC (on little-endian machines, CRC32_Backward)
Figure 24 – Calculation of the CRC (on big-endian machines, CRC32_Forward)
Figure 25 – Overview of delay times and watchdogs
Figure 26 – Conditional residual error probability of the CRC check
Figure 27 – Counter example: data lengths not supported by OPC Safety
Figure 28 – Facets and ConformanceUnits
Figure B.1 – Unidirectional communication
Figure B.2 – Bidirectional communication
Figure B.3 – Safety multicast
Figure B.4 – OA in unidirectional safety communication
Figure B.5 – Two-sided OA in bidirectional safety communication
Figure B.6 – One sided OA in bidirectional safety communication
Figure B.7 – One sided OA on each side is possible
Tables [Go to Page]
Table 1 – Conventions used in state machines
Table 2 – Deployed safety measures to detect communication errors
Table 3 – SafetyACSet definition
Table 4 – SafetyObjectsType definition
Table 5 – SafetyProviderType definition
Table 6 – SafetyConsumerType definition
Table 7 – ReadSafetyData Method arguments
Table 8 – ReadSafetyData Method AddressSpace definition
Table 9 – ReadSafetyDiagnostics Method arguments
Table 10 – ReadSafetyDiagnostics Method AddressSpace definition
Table 11 – SafetyPDUsType definition
Table 12 – SafetyProviderParametersType definition
Table 13 – SafetyConsumerParametersType definition
Table 14 – InFlagsType values
Table 15 – InFlagsType definition
Table 16 – OutFlagsType values
Table 17 – OutFlagsType definition
Table 18 – RequestSPDUDataType structure
Table 19 – RequestSPDUDataType definition
Table 20 – ResponseSPDUDataType structure
Table 21 – ResponseSPDUDataType definition
Table 22 – NonSafetyDataPlaceholderDataType structure
Table 23 – SAPI of the SafetyProvider
Table 24 – SPI of the SafetyProvider
Table 25 – SAPI of the SafetyConsumer
Table 26 – SPI of the SafetyConsumer
Table 27 – Example "application variables with qualifier"
Table 28 – Safety layer diagnostic messages
Table 29 – Symbols used for state machines
Table 30 – SafetyProvider instance internal items
Table 31 – States of SafetyProvider instance
Table 32 – SafetyProvider transitions
Table 33 – SafetyConsumer internal items
Table 34 – SafetyConsumer states
Table 35 – SafetyConsumer transitions
Table 36 – Presentation of the SPDU_ID
Table 37 – Coding for the SafetyProviderLevel_ID
Table 38 – Examples for cryptographically strong random number generators
Table 39 – The total residual error rate for the safety communication channel
Table 40 – Information to be included in the safety manual
Table 41 – Index of requirements (informative)
Table 42 – NamespaceMetadata Object for this document
Table 43 – Namespaces used in a safety Server
Table B.1 – The CRC32 lookup table for 32-bit CRC signature calculations
Français [Go to Page]
SOMMAIRE
AVANT-PROPOS
INTRODUCTION
1 Domaine d'application
2 Références normatives
3 Termes, définitions, symboles, abréviations et conventions [Go to Page]
3.1 Termes et définitions [Go to Page]
3.1.1 Termes et définitions communs
3.1.2 Termes et définitions supplémentaires
3.2 Symboles et abréviations [Go to Page]
3.2.1 Abréviations de l'IEC 61784-3
3.2.2 Symboles et abréviations supplémentaires
3.3 Conventions [Go to Page]
3.3.1 Conventions générales
3.3.2 Conventions pour la numérotation des exigences
3.3.3 Conventions dans les diagrammes d'états
4 Vue d'ensemble de la sécurité OPC UA [Go to Page]
4.1 Généralités
4.2 Aspects relatifs à la mise en œuvre
4.3 Caractéristiques
4.4 Politique de sûreté
5 Généralités [Go to Page]
5.1 Documents externes de spécifications applicables au profil
5.2 Exigences fonctionnelles de sécurité
5.3 Mesures de sécurité
5.4 Structure de la couche de communication de sécurité
5.5 Exigences relatives au calcul du CRC
6 Services de la couche de communication de sécurité [Go to Page]
6.1 Généralités
6.2 Modèles d'information [Go to Page]
6.2.1 Généralités
6.2.2 Définition des objets et des ObjectTypes
6.2.3 Définition de DataType
6.2.4 Version de SafetyProvider
6.2.5 DataTypes et longueur de SafetyData
6.2.6 Établissement de la connexion
6.3 Interfaces de services [Go to Page]
6.3.1 Vue d'ensemble
6.3.2 Interface de plateforme OPC UA (OPC UA PI)
6.3.3 Interfaces du SafetyProvider
6.3.4 Interfaces du SafetyConsumer
6.3.5 Communication de sécurité cyclique et acyclique
6.3.6 Principe applicable aux "variables d'application avec qualificatif"
6.4 Diagnostics [Go to Page]
6.4.1 Généralités
6.4.2 Messages de diagnostic du SafetyConsumer
6.4.3 Méthode ReadSafetyDiagnostics du SafetyProvider
7 Protocole de couche de communication de sécurité [Go to Page]
7.1 Généralités
7.2 SafetyProvider et SafetyConsumer [Go to Page]
7.2.1 Format des SPDU
7.2.2 Comportement
7.2.3 Sous-routines
8 Gestion de la couche de communication de sécurité [Go to Page]
8.1 Généralités
8.2 Partie temps de réponse de la fonction de sécurité de la communication
9 Exigences système (SafetyProvider et SafetyConsumer) [Go to Page]
9.1 Contraintes sur les paramètres de la SPDU [Go to Page]
9.1.1 SafetyBaseID et SafetyProviderID
9.1.2 SafetyConsumerID
9.2 Initialisation du MNR dans le SafetyConsumer
9.3 Contraintes liées au calcul des caractéristiques du système [Go to Page]
9.3.1 Considérations probabilistes (informatif)
9.3.2 Hypothèses relatives à la sécurité (informatif)
9.4 Valeurs PFH et PFD d'une liaison de communication de sécurité logique
9.5 Manuel de sécurité
9.6 Indicateurs et affichages
10 Évaluation [Go to Page]
10.1 Politique de sécurité
10.2 Obligations
10.3 Index des exigences (informatif)
11 Profils et unités de conformité
12 Espaces de noms [Go to Page]
12.1 Métadonnées de l'espace de noms
12.2 Gestion des espaces de noms IEC 62541
Annexe A (normative) Espace de noms et mappings de sécurité
Annexe B (informative) Information supplémentaires [Go to Page]
B.1 Calcul du CRC à l'aide de tables de conversion pour le polynôme 0xF4ACFB13
B.2 Cas d'utilisation [Go to Page]
B.2.1 Communication unidirectionnelle
B.2.2 Communication bidirectionnelle
B.2.3 Multidiffusion de sécurité
B.3 Cas d'utilisation pour l'acquittement de l'opérateur [Go to Page]
B.3.1 Explication
B.3.2 Cas d'utilisation 1: communication unidirectionnelle et OA côté SafetyConsumer
B.3.3 Cas d'utilisation 2: communication bidirectionnelle et double OA
B.3.4 Cas d'utilisation 3: communication bidirectionnelle et simple OA unilatéral
B.3.5 Cas d'utilisation 4: communication bidirectionnelle et simple OA bilatéral
Annexe C (informative) Informations pour l'évaluation
Bibliographie
Figures [Go to Page]
Figure 1 – Relations entre la sécurité OPC UA et d'autres normes
Figure 2 – Architecture de la couche de sécurité
Figure 3 – Objets Serveur pour la sécurité OPC UA
Figure 4 – Instances d'objets de serveur pour le présent document
Figure 5 – Multidiffusion de sécurité avec trois destinataires utilisant le PubSub IEC 62541
Figure 6 – Paramètres de sécurité du SafetyProvider et du SafetyConsumer
Figure 7 – Vue d'ensemble de la couche de communication de sécurité
Figure 8 – Interfaces du SafetyProvider
Figure 9 – Exemples de combinaisons de capacités SIL
Figure 10 – Interfaces du SafetyConsumer
Figure 11 – RequestSPDU
Figure 12 – ResponseSPDU
Figure 13 – Diagramme de séquence des demandes et réponses (Client/Serveur)
Figure 14 – Diagramme de séquence des demandes et réponses (PubSub)
Figure 15 – Exemple de durée de sollicitation pour une valeur sollicitée ignorée lorsque les SafetyData actuellement disponibles ne sont pas fournies tant qu'une deuxième modification du MNR n'a pas lieu
Figure 16 – Exemple de durée de sollicitation pour une valeur sollicitée reçue lorsque les SafetyData actuellement disponibles sont fournies
Figure 17 – Représentation simplifiée du diagramme d'états du SafetyProvider
Figure 18 – Diagramme d'états de principe du SafetyConsumer
Figure 19 – Diagramme de séquence pour l'OA
Figure 20 – Vue d'ensemble de la tâche pour le SafetyProvider
Figure 21 – Calcul du SPDU_ID
Figure 22 – Exemple de calcul de SPDU_ID_1, SPDU_ID_2 et SPDU_ID_3
Figure 23 – Calcul du CRC (sur les machines petit-boutistes, CRC32_Backward)
Figure 24 – Calcul du CRC (sur les machines gros-boutistes, CRC32_Forward)
Figure 25 – Vue d'ensemble des délais et des chiens de garde
Figure 26 – Probabilité d'erreurs résiduelles conditionnelles de la vérification du CRC
Figure 27 – Exemple de compteur: longueurs de données non prises en charge par la sécurité OPC
Figure 28 – Facettes et ConformanceUnits
Figure B.1 – Communication unidirectionnelle
Figure B.2 – Communication bidirectionnelle
Figure B.3 – Multidiffusion de sécurité
Figure B.4 – OA dans une communication de sécurité unidirectionnelle
Figure B.5 – OA bilatéral dans une communication de sécurité bidirectionnelle
Figure B.6 – OA unilatéral dans une communication de sécurité bidirectionnelle
Figure B.7 – Un OA unilatéral est possible de chaque côté
Tableaux [Go to Page]
Tableau 1 – Conventions utilisées dans les diagrammes d'états
Tableau 2 – Mesures de sécurité déployées pour détecter les erreurs de communication
Tableau 3 – Définition de SafetyACSet
Tableau 4 – Définition de SafetyObjectsType
Tableau 5 – Définition de SafetyProviderType
Tableau 6 – Définition de SafetyConsumerType
Tableau 7 – Arguments de la méthode ReadSafetyData
Tableau 8 – Définition de l'AddressSpace pour la méthode ReadSafetyData
Tableau 9 – Arguments de la méthode ReadSafetyDiagnostics
Tableau 10 – Définition de l'AddressSpace pour la méthode ReadSafetyDiagnostics
Tableau 11 – Définition de SafetyPDUsType
Tableau 12 – Définition de SafetyProviderParametersType
Tableau 13 – Définition de SafetyConsumerParametersType
Tableau 14 – Valeurs d'InFlagsType
Tableau 15 – Définition d'InFlagsType
Tableau 16 – Valeurs d'OutFlagsType
Tableau 17 – Définition d'OutFlagsType
Tableau 18 – Structure de RequestSPDUDataType
Tableau 19 – Définition de RequestSPDUDataType
Tableau 20 – Structure de ResponseSPDUDataType
Tableau 21 – Définition de ResponseSPDUDataType
Tableau 22 – Structure de NonSafetyDataPlaceholderDataType
Tableau 23 – SAPI du SafetyProvider
Tableau 24 – SPI du SafetyProvider
Tableau 25 – SAPI du SafetyConsumer
Tableau 26 – SPI du SafetyConsumer
Tableau 27 – Exemples de "variables d'application avec qualificatif"
Tableau 28 – Messages de diagnostic de la couche de sécurité
Tableau 29 – Symboles utilisés pour les diagrammes d'états
Tableau 30 – Éléments internes d'une instance de SafetyProvider
Tableau 31 – États d'une instance de SafetyProvider
Tableau 32 – Transitions du SafetyProvider
Tableau 33 – Éléments internes du SafetyConsumer
Tableau 34 – États du SafetyConsumer
Tableau 35 – Transitions du SafetyConsumer
Tableau 36 – Présentation du SPDU_ID
Tableau 37 – Codage pour le SafetyProvideLevel_ID
Tableau 38 – Exemples de générateurs de nombres aléatoires forts sur le plan cryptographique
Tableau 39 – Taux total d'erreurs résiduelles pour le canal de communication de sécurité
Tableau 40 – Informations à inclure dans le manuel de sécurité
Tableau 41 – Index des exigences (informatif)
Tableau 42 – Objet NamespaceMetadata pour le présent document
Tableau 43 – Espaces de noms utilisés dans un Serveur de sécurité
Tableau B.1 – Table de conversion CRC32 pour les calculs de signature CRC à 32 bits [Go to Page]

MADCAD.com Free Trial

Report To Us

Contact us for a custom quote

⨯To continue with accurate pricing,
please select your company type below:

⨯We need your input!

⨯ We need your input!

⨯ We need your input!

⨯We need your input!

⨯We need your input!

Cart Warning

IEC 62541-15 Ed. 1.0 b:2025 OPC Unified Architecture - Part 15: Safety, 2025

MADCAD.com Free Trial

Report To Us

Contact us for a custom quote

⨯To continue with accurate pricing, please select your company type below:

⨯We need your input!

⨯ We need your input!

⨯ We need your input!

⨯We need your input!

⨯We need your input!

Cart Warning

IEC 62541-15 Ed. 1.0 b:2025 OPC Unified Architecture - Part 15: Safety, 2025

⨯To continue with accurate pricing,
please select your company type below: