Unified Automation UA SDK C++ Bundle 1.6.3 (SOURCE Edition) --------------------------------------------------------- ---------------------- Content ---------------------- (0) Compiler version (1) Third-Party Libraries (2) Release notes (3) Feature list ---------------------- =================================================================== (0) Compiler version =================================================================== This SDK was compiled with Microsoft(TM) Visual Studio vs2015 and thus depends on the runtime components (CRT) of MS Visual Studio vs2015. You SHOULD NOT mix this SDK binaries with other MS Visual Studio versions, because your application will end up in loading two different CRT Dlls, which results in two different heaps. Mixing heaps will lead to application crashes, when trying to free memory that was allocated by another heap. Either download an evaluation version for your Visual Studio version or obtain the Source Edition to be able to consistently compile the package with your compiler version. =================================================================== (1) Third-Party Libraries =================================================================== The UA SDK includes a number of third-party libraries that are used to provide certain features. Third Party Software may impose additional restrictions and it is the user's responsibility to ensure that they have met the licensing requirements of the according libraries. The following enumeration lists all third-party libraries used by the UA SDK with additional information about version, configuration and used licenses. The third-party licenses are stored in the license folder distributed with the SDK. * OpenSSL The OpenSSL library is used by the OPC UA Stack to implement OPC UA Security (AES, RSA, SHA1, x509 certificates). A pre-compiled library of OpenSSL is only distributed in the Windows version of the SDK. This library is only provided for convenience. You are free to build and use your own version OpenSSL which better fits to your needs. For security reasons you should always use the latest release of OpenSSL in your products. It is recommended to use the DLL version of OpenSSL, so that end-users are able to replace OpenSSL with fixed versions. OpenSSL Version: 1.0.2o 27 Mar 2018 Home: http://www.openssl.org License: OpenSSL License Configuration: OpenSSL was built using MS Visual Studio 2008 SP1 using the build scripts distributed with OpenSSL. To disable patented algorithms the OpenSSL library was configured this way: > perl Configure no-idea no-mdc2 no-ntt no-rc5 VC-WIN3 This disables IDEA, MDC2, NTT and RC5. * Libxml2 Libxml2 is the XML C parser and toolkit developed for the Gnome project (but usable outside of the Gnome platform), it is free software available under the MIT License. XML itself is a metalanguage to design markup languages, i.e. text language where semantic and structure are added to the content using extra "markup" information enclosed between angle brackets. HTML is the most well-known markup language. Though the library is written in C a variety of language bindings make it available in other environments. Libxml2 Version: 2.9.8 Home: http://www.xmlsoft.org/ License: MIT License =================================================================== (2) Release notes =================================================================== (2a) Security Policies ====================================================== The OPC UA Specification version 1.04 released end of 2017 deprecated the security policy Basic256 and added the two new security policies Aes128_Sha256_RsaOaep and Aes256_Sha256_RsaPss. The security policy Basic128Rsa15 was already deprecated before. It is strongly recommended to disable Basic128Rsa15 and Basic256 in the OPC UA server configuration and to allow only Basic256Sha256, Aes128_Sha256_RsaOaep and Aes256_Sha256_RsaPss. A server administrator may be able to activate Basic128Rsa15 and Basic256 for backward compatibility but the user must be warned about the deprecated status of these security policies. The new security policies require the following OpenSSL versions: * Aes128Sha256RsaOaep is supported only for OpenSSL V1.0.0 and higher * Aes256Sha256RsaPss is supported only for OpenSSL V1.0.2 and higher (2b) Certificate Store configuration ====================================================== With version 1.5.0, the certificate store configuration has been improved to better fit the new features of central certificate configuration using the Global Discovery Service (GDS). The configuration is backward compatible, but it is highly recommended to review the new configuration options. See CHANGELOG.txt for more details. See also the documentation in Server SDK Introduction -> Server Configuration Make sure you update the files from examples\utilities in your own server code. If these files are not updated when moving from 1.4.x to 1.5.x or later, the new GDS functionality is not working. (2c) OPC UA Compliance Testing ====================================================== We are following the OPC UA compliance and certification efforts of the OPC Foundation as close as possible. We participated in all UA plug fest events and most of the OPC interoperability events as first available step. We have tested the C++ demo server contained in this SDK release with the released OPC UA compliance test tool (CTT) version 1.03.340.380. There are no known issues with this compliance test version. When testing with the OPC UA CTT version 1.03.340.380 or older versions, the endpoint configuration of the C++ demo server must be changed since the CTT does not support the new security policies yet. The following changes are necessary: * Activate Basic256 This security policy is deprecated and therefore deactivated by default in the SDK * Deactivate Aes128_Sha256_RsaOaep and Aes256_Sha256_RsaPss The new security polices are not known to the CTT and cause problems in the test when active in the server configuration When the UA CTT is installed it generates a number of certificates used for the tests. These certificates of course have a limited validity i.e. they expire after a certain time. This is 1 year for the issued certificates and 30 day for the CRLs (Certificate Revocation Lists). So 30 days after installing the UA CTT you typically get errors for these test cases because the CRLs have expired. * Security/Security User X509 - Test011 * Security/Security Certificate Validation - Test038 The OPC Test Lab Certification of C++ demo server contained in this SDK was successfully finished with version 1.6.0 of the SDK. The test results with your own server implementation may have compliance issues based on different SDK implementation options used. Issues can also be caused by different timing. We will provide regular updates to the SDK after the availability of new OPC UA compliance test tool versions. (2d) Protocol binding HTTPS with UA Binary Encoding ====================================================== The OPC UA stack version used in the C++ SDK version 1.6.0 supports the protocol binding HTTPS with UA Binary Encoding. The protocol binding can be activated through configuration options. However this part of the SDK is not released yet since the level of testing is not high enough, even if there are no known open issues. (2e) Breaking changes between V1.3.x and V1.4.x and later ====================================================== Breaking changes to utilities ----------------------------- To make sure that the utilities provided for the OPC UA Server applications are maintained and updated with the SDK, most of the utility functionality like the class ServerConfigXml and main parts of the class OpcServer are now covered by the SDK CoreModule. When updating from an SDK version 1.3 to V1.4 or later, you must update the files from examples/utilities in your OPC UA Server application project. Remove the files serverconfigxml.cpp/h from your server project. They are now part of the SDK core module library. Update opcserver.cpp/h from the examples/utilities directory. Main parts are now included in the SDK core module library. Breaking changes to IOManager ----------------------------- If you have implemented the SDK interface IOManager directly, you must update the enumeration values of the enumeration IOMananger::TransactionType. Due to conflicts on VxWorks we had to change the enumeration value names. See CHANGELOG.txt for more details. (2f) Breaking changes between V1.5.x and V1.6.x and later ====================================================== Renaming SDK libraries ----------------------------- Rename UaClient library from 'uaclient' to 'uaclientcpp' to match the project name Rename UaBase library from 'uabase' to 'uabasecpp' to match the project name Rename UaPki library from 'uapki' to 'uapkicpp' to match the project name Rename XmlParser library from 'xmlparser' to 'xmlparsercpp' to match the project name New Role and Permission management ----------------------------- Changed the node permission and role management from SDK specific implementation to new standard OPC UA 1.04 functionality. Removed ServerConfig::getIdsForDefaultRoles(). Other API changes ----------------------------- - The signature of UaSession::close() was changed by adding a new parameter with default value. The effect is that any overwrite implementation in a derived class will no longer be called. - Remove UaServerApplication::closeEndpoint() UaServerApplication::openEndpoint() and closeEndpoint() was replaced with UaServerApplication::pauseUaServer() and restartUaServer() due to race conditions when closeEndpoint() was called with active Service call transactions. See CHANGELOG.txt for more changes and details. =================================================================== (3) Feature list =================================================================== For a detailed change log see the file CHANGELOG in your SDK download section. Versions 1.6.2 -------------------------- Bug fixes only. See CHANGELOG for details. Versions 1.6.1 -------------------------- Bug fixes only. See CHANGELOG for details. Version 1.6.0 -------------------------- Major features added in this version * Support for new OPC UA 1.04 security policies - Added support for Aes128-Sha256-RsaOaep and Aes256-Sha256-RsaPss Support added to stack and client and server side SDK New security policies must be added to product specific configuration files and configuration user interfaces - Deprecated Basic256 Should be removed from default configuration. Activation should be limited to administrative users and configuration interfaces should warn the user if enabled - Disables Basic128RSA15 for user name encryption Configuration and use for user name encryption is blocked by server SDK * Support for new OPC UA 1.04 standard user roles and node permission management - Replaces SDK specific role and permission management (breaking change) - RoleSetType for management of roles in the server - Support for standard OPC UA defined roles - RoleType for management of user and application identities for a role - Support for new attributes RolePermissions, UserRolePermissions and AccessRestrictions - Support for namespace DefaultRolePermissions and DefaultAccessRestrictions * Support for new OPC UA 1.04 attribute DataTypeDefinition * Support for new OPC UA 1.04 revers connection establishment - OPC UA 1.04 defines a server initiated OPC UA Connection Protocol connection - Client SDK allows to accept reverse connections from servers - Server SDK allows configuration of reverse connect URLs for clients on an Endpoint * Update of alarm model classes to new features in 1.04 OPC UA Part 9 - Alarms and Conditions * Support for new OPC UA 1.04 TemporaryFileTransferType * Extended UANodeSet XML handling - Support of node and reference export to a node model in client and server SDK - Support for export of the node model to an XML file based on standard UANodeSet schema * Support for OPC UA 1.03 feature Durable Subscriptions Versions 1.5.1 to 1.5.6 -------------------------- Bug fixes only. See CHANGELOG for details. Version 1.5.0 -------------------------- Major features added in this version * Support for central certificate management define in OPC UA Part 12 version 1.03 - OPC UA Part 12 defines a Global Discovery Server used to manage certificates in a central place through the interfaces DirectoryType and CertificateDirectoryType. OPC UA client and server applications can use these standard interfaces to manage application instance certificates and to update trust lists. - The server SDK supports the ServerConfiguration object for the GDS push model. The push model allows remote configuration of certificates and trust lists in the server. This can be done through GDS related tools or through stand-alone OPC UA clients like UaExpert. - The client SDK provides a library for access to the GDS interfaces. This library allows OPC UA client or server developers to integrate the GDS pull model. In the pull model, the OPC UA client or server requests certificates and trust lists from the GDS server. * Support for new OPC UA data type features added in OPC UA version 1.03 - Union data types - Structured data types with optional fields - OptionSet data types * General update to OPC UA 1.03 specification changes * Support for user authorization down to UaNode level - The UaNodes managed by the NodeManagerBase in the server toolkit level do now support an additional access mask used to configure access to the nodes for different actions like browse, read, write, and call for three user classes like owner, group, and other. - During user authentication, the SDK user must set the user id and the group ids for the user on the Session object. - The SDK automatically checks the user authorization per node based on the access mask in the node and the user information in the Session. * Complete restructuring of CMake projects and management of options * Update of generated code for OPC UA types to include documentation * Added support for SecurityPolicy Basic256Sha256 Versions 1.4.2 and 1.4.3 -------------------------- Bug fixes only. See CHANGELOG for details. Version 1.4.1 -------------------------- The main purpose of this version is to provide bug fixes for version 1.4. See CHANGELOG for details. Features added in this version * Added capability to register HistoryManager per node in NodeManagerBase * Enabled support of event history for Server object * Added capability to set status for event fields of condition objects * Added configuration through files or on-line change for the feature to send error, warning and info traces as events * Update of PLCopen and OPC DI information model libraries * Added feature to allow user check for event delivery Known issue from V 1.4.0 Release Notes * The use of stack thread pool was not released with 1.4.0. The issue is now fixed and the stack thread pool can be used with 1.4.1. Version 1.4.0 -------------------------- Major features added in this version - Compliance with OPC UA 1.02 Update to OPC UA 1.02 specification changes. Compliance testing with latest compliance test tool for OPC UA 1.02. - Full support for HistoricalAccess functionality (Client + Server) Important historical data access features are available in the SDK since several versions but was never released since the specification was not released yet. After the Historical Access and Aggregates specification are now released, this is the version of the SDK that has full support for all Historical Access and Aggregates features released for client and server side SDK. - Full structured data type support (Client + Server) OPC UA provides support for user defined structured data types. These structures can be known at compile time. In this case the structures are available in code and serialization functions are registered with the stacks. Other structures are unknown at compile time. This requires handling of XML based type descriptions in OPC UA client and server applications. Both options are now supported by the client and server side SDK. The known structures and the handling code can be generated with the UaModeler. The unknown structures can be handled with helper classes provided by the SDK. - Added OPC UA 1.02 features - Added support for loading address space with new XML format (Server) XML files based on the UANodeSet schema can be loaded with new server SDK class NodeManagerUaNodeXmlParser - Added FileType support (Server) OPC UA 1.02 added a FileType object type definition for access to files. The server side SDK provides a corresponding class to represent files in the server. - Added new protocol binding HTTPS with UA Binary Encoding (Stack) - Adds support for OPC UA defined units (UaBase - UaEUInformation) - Classes like UaString, UaMutex or UaThread can now be used before stack is initialized (see UaBase features) - Trace access through OPC UA - Trace configuration can be done through OPC UA interface - Trace events for trace levels INFO, WARNING and ERROR are fired as events - Event history for these events can be access with HistoryRead for events Versions 1.3.x and older -------------------------- See CHANGELOG for details.