Evaluation of OPC UA secure communication in web browser applications

OPC UA XML Web services mapping offers a Web service interface to access process data. Web services use XML technology for data exchange. Present-day Web browsers include XML functionality already as a standard feature, they are therefore very promising candidates for the implementation of monitoring and operating functions for industrial processes. However, the acceptance of Web services in industrial automation depends on adequate security realizations. For this purpose, the Web services security stack provides several specifications to meet the requirements for secure message exchange. The OPC UA XML Web services mapping refers to these specifications. The application of Web browsers for monitoring and operating of technical processes using OPC UA Web services demand the computation of cryptographic algorithms within the scripting engine of the Web browser. However, available scripting languages are not designed to compute complex mathematical, i.e., cryptographic, algorithms. Therefore, at the Institute of Automation of the Technische Universitat Dresden the suitability of a native Web browser for monitoring and operating of industrial processes with OPC UA based secure communication was analyzed. The paper shows representative measured computing times of cryptographic algorithms in JavaScript. The security specification XML signature - which is mandatory for OPC UA Web services mapping - requires about 700 ms to create a signature. Finally, the paper discusses methods to improve the performance.