Certification

What can be certified?

The OPC Foundation does not allow to certify SDKs directly, so the HP SDK itself cannot be certified and an application is not certified automatically because it is built with a certain SDK. Only final products can be certified by the OPC Foundation, for this reason we can only certify our demoserver built with the SDK to proof that it is possible to develop a compliant application using the SDK. The SDK handles a lot of the CTT testcases, so applications built with the SDK will pass most testcases automatically, however a few subjects like data handling must be implemented in every application individually and thus each application must be certified individually.

Status of the HP SDK

The demoserver of the HP SDK is not yet certified, however as of version 1.5 applications may have a chance to get certified up to the Standard 2017 UA Server Profile.

None of the HP SDK example clients are certified and there are currrently no plans to do so.

CTT

The CTT is the Compliance Test Tool provided by the OPC Foundation and the main factor of the certification. It can be downloaded from the OPC Foundation website by members to run before certification themselves. The following sections explain how to use the CTT with the HP SDK demoserver, which might be used as base for own certfifications.

Version

This documentation applies to CTT 1.04.9.396, other versions of the CTT may yield different results.

Standard Profile

The standard profile is the biggest of the full featured server profiles. A configuration for the demoserver that can be loaded in the CTT (see Configuration of the CTT) is provided here. In the CTT Profiles tab Standard 2017 UA Server must be selected.

The server must be started with the configuration file settings_standard.conf included in the SDK:

uaserverhp -c settings_standard.conf

Micro Embedded Profile

The micro embedded profile is a rather small one of the full featured server profiles, it requires support only for few subscriptions and does not require UA Security. A configuration for the demoserver that can be loaded in the CTT (see Configuration of the CTT) is provided here. In the CTT Profiles tab Micro Embedded Device 2017 Server must be selected.

The SDK includes the settings_micro.conf which sets quantities according to the Micro Embedded Profile, however some of the CTT scripts were not written with such limited servers in mind an will falsely report errors. To make certification easier we provide a second configuration file settings_micro_ctt.conf, which is based on the above settings file but increases a few limits:

uaserverhp -c settings_micro_ctt.conf

Configuration of the CTT

Open the CTT and create a new project.
Create a new Server Standard Project with a name of your choice.
After project creation, the settings dialog appears automatically, click Import and select the suitable *.ctt.xml
In the settings dialog go to Server Test->Server URL and adjust the hostname and port.
Adjust further settings as needed and close the settings dialog.
In the Profiles tab select the suitable profile and facets. An overview of profiles and facets is provided by the OPC Foundation on their ProfileReporting site.

In case the selected profile includes UA Security a few more steps are required:

The CTT generates certificates for testing during installation, when not using the CTT for a while these certficates may expire, so it is recommended to generate new CTT certificates before running the CTT tests, to do so either run the certificate generation script manually or reinstall the CTT.

The certificates are copied by the CTT to the project folder into a folder named PKI, containing the folder copyToServer. The server stores its certificates in the bin folder into pki_store_0 for the server certificates and pki_store_user for user certificates, the latter is only required if X509 authentication is enabled. The CTT certificates and crls must be copied to the server into their respective folders:

copyToServer	bin
ApplicationInstance_PKI	pki_store_0
–trusted	–trusted
—crl	—crl
—certs	—certs
–issuers	–issuer
—crl	—crl
—certs	—certs
X509UserIdentity_PKI	pki_store_user
–trusted	–trusted
—crl	—crl
—certs	—certs
–issuers	–issuer
—crl	—crl
—certs	—certs

If X509 authentication is enabled the CTT also requires the following users to exist: ctt_usrT, ctt_ca1T_usrT, ctt_ca1I_usrT. In the example users file of the SDK these are already listed.

Known Issues of the CTT

There are a few testcase failing which we believe are errors in the test scripts, these isssues are reported to the OPC Foundation and will be fixed in future versions of the CTT. Depending on the configuration of the server and the exact setup of CTT and server these may or may not happen during a specific CTT run, some are sporadic and may happen only every n-th run. The following list includes links to the mantis bug tracker of the OPC Foundation, so people with an account can view them in detail, others may still provide the link during certification to reference a specific issue.

Subscription Services/Subscription Basic/052
- This test requires a retransmission queue of 6, but the server may have only 2
- see https://apps.opcfoundation.org/mantis/view.php?id=4434
Security/various DoS testcases
- The CTT would need to wait at bit longer before secure channels can be reclaimed
- see https://apps.opcfoundation.org/mantis/view.php?id=4735
Subscription Services/Subscription Minimum 02/003
- The CTT does not wait long enough before sending another PublishRequest
- see https://apps.opcfoundation.org/mantis/view.php?id=6173
Base Information/Base Info Diagnostics/015
- This test assumes a monitored item queue size of at least 2
- see https://apps.opcfoundation.org/mantis/view.php?id=6228
Base Information/Base Info Diagnostics/019
- This test expects the server to have more than 5 sessions
- see https://apps.opcfoundation.org/mantis/view.php?id=6229
Monitored Item Services/Monitor QueueSize_01/005
- This test sometimes waits not long enough for the item to sample
- see https://apps.opcfoundation.org/mantis/view.php?id=6254

Table of Contents