OPC UA Extension for SIMATIC WinCC

Allmendinger pushes WinCC up to the next level of OPC communication

Allmendinger Schema


Within automation technology there are many different programmable logic controllers (PLC) connected to SCADA and HMI systems. Most of these PLCs have their own proprietary communication protocols implemented to connect to their process information. To be favored by an equipment or machine manufacturer, a SCADA or HMI system must be flexible and must support multiple of these protocols. In the case of the Siemens HMI system, SIMATIC WinCC, the drivers of the individual communication protocols are called “channels”.

The base package of WinCC V7 currently contains nine different channels. Additionally the engineers of Allmendinger have implemented four more channels, that can be purchased to extend the connectivity of WinCC. Because the Siemens HMI had no integrated OPC UA channel, up to version V7.0 SP3, Allmmendinger implemented a full native OPC Client, that comes as integrated channel driver for connectivity to external OPC UA servers providing Data Access.


The process data communication within industrial automation must permanently adapt to growing requirements. Since computer viruses like Stuxnet and Duqu, even the most conservative machine vendor and plant operator realized that data transfer must be secured and encrypted. To secure the data user name and password protection is not enough, the connection between two endpoints itself must be protected using certificates for authentication of applications.

In addition the data structures inside the PLC become more and more complex and hence require larger data volume and higher transmission speed. Up to Version 7.0 SP3 Siemens provides no native OPC UA Client channel for Simatic WinCC.


In altogether 14 specifications, the new communication standard OPC Unified Architecture addresses the requirements of today‘s and future communication in automation. The OPC UA client channel for Simatic WinCC developed by Allmendinger provides all advantages of this new standard. The channel implements the security mechanism including signed and encrypted communication using algorithms like 256 Bit RSA and a newly designed client side certificate management. Currently the channel only supports the data access (DA) functionalities of OPC UA. But the team of Allmendinger already works on next version supporting Alarms & Conditions (AC) and Historical Access (HA).

OPC UA Background

The OPC UA client software consists of two components. All configuration tasks required for successful communications can be done with “UA Tags”, a comfortable configuration tool.

The integrated browser can search for OPC UA servers in the network and will find all the related endpoints. It also manages the certificates that are required for secure connections. The component enables the user to create new certificates and to handle and trust certificates of external communication partners.

The comfortable browsing through the address space of connected servers already shows the attributes of individual nodes as required by WinCC. Additionally the values of nodes can be read out or written to. The selected nodes are automatically imported into the data manager of WinCC including all required connection properties. Once linked into WinCC, the tags can be used similar to all other projected variables. The second component, the channel itself, is doing the communication with the underlying UA servers when WinCC is switched to Runtime-Mode.


  • starting at version 7.x
  • retrofittable, up to 64,000 OPC UA Tags
  • simple configuration
  • identical look & feel
  • no DCOM Security
  • simple remote OPC connection
  • encrypted transmission

Used Products of Unified Automation

The WinCC OPC UA channel from Allmendinger uses the C++ based OPC UA Client SDK from Unified Automation. The client SDK capsulates the OPC UA functionality and provides a simple API. The handling and validation of certificates and the preparation of connection information is also provided including common mechanisms for detection of connection loss and re-establishment plus re-activation of the communication itself.

The C++ Client SDK consists of different libraries, that can be linked dynamically or statically into the product. The SDK comes with the OPC UA Stack which contains the protocol implementation and is used for the low level communication. For UA security features like encryption and authentication the well known OpenSSL crypto library is used.

About Allmendinger

The engineering Bureau Allmendinger offers products and services for software development and is specialized on automation technology. The working area covers besides others the development of communication channels for the SCADA/HMI software Simatic WinCC from Siemens AG. Allmendinger runs a WinCC competency center and is long time development partner for WinCC extensions, add-ons and option packs.

“Our customers can simply retrofit the OPC UA channel” says Jörg Allmendinger “there is no re-installation nor any new projecting of the existing WinCC required.”