Instruction Manual: Yokogawa

Instruction ACCESS/FAST FAST/TOOLS
Manual System Integrator’s Manual
IM50R07R00-01EN/R10.04
YOKOGAWA YOKOGAWA ELECTRIC CORPORATION

9-32 Nakacho 2-chome,
Musashino-shi, Tokyo 180-8750, Japan
IM50R07R00-01EN/R10.04
©Copyright February 2019
Tel: +81-422-52-5616
Email:GSC_Sales@ml.jp.yokogawa.com
© Yokogawa Electric Corporation
YOKOGAWA
The information in this document is subject to change without notice and should not
be construed as a commitment by Yokogawa.
Yokogawa assumes no responsibility for any errors that may appear in this
document.
The software described in this document is furnished under license and may only be
used or copied in accordance with the terms of such license.
ii
Table of Contents
Table of Contents
0 Preface ...................................................................................0-1
0.1 Objectives ..................................................................0-1
0.2 Intended Audience .....................................................0-1
0.3 Structure of this Document ........................................0-1
0.4 Associated Documents ..............................................0-1
0.5 Conventions and abbreviations ..................................0-3
1 Introduction to ODBC .........................................................1-1
1.1 General .......................................................................1-1
1.2 Functionality of ODBC .............................................1-1
1.3 Architectural overview of ODBC ..............................1-2
1.3.1 General overview of an ODBC interface ......1-2
1.3.2 ODBC configurations ...................................1-4
1.3.3 ODBC conformance levels ...........................1-6
1.4 Components of the FAST/TOOLS ODBC interface .1-6
1.4.1 General ..........................................................1-6
1.4.2 Client system ................................................1-8
1.4.3 Server system of ODBC interface ................1-9
2 Using ODBC functionality ...................................................2-1
2.1 Introduction ...............................................................2-1
2.2 Setting up an ODBC connection ...............................2-1
2.2.1 Software installation .....................................2-1
2.2.2 Software configuration .................................2-2
2.3 Accessing FAST/TOOLS information ......................2-3
2.3.1 General ..........................................................2-3
2.3.2 The ODBC connection .................................2-3
2.4 Commonly occurring errors .......................................2-4
3 Configuring ODBC functionality ........................................3-1
3.1 Introduction ...............................................................3-1
3.2 Set up file parameters ODBC functionality ...............3-2
3.3 Setting up SimbaClient ..............................................3-5
4 Introduction to FAST/TOOLS OPC interface ..................4-1
4.1 General .......................................................................4-1
4.2 OPC ...........................................................................4-1
4.3 FAST/TOOLS and OPC ............................................4-3
4.3.1 Introduction ...................................................4-3
4.3.2 Architectures .................................................4-4
ACCESS/FAST System Integrator’s Manual iii

Table of Contents
4.3.3 OPC server centric basic architectures ......... 4-4

4.3.4 OPC client centric basic architectures ......... 4-6
4.4 Quality code conversion ........................................... 4-8
4.4.5 OPC quality to FAST/TOOLS quality ......... 4-8
4.4.6 FAST/TOOLS quality- to OPC quality ....... 4-8
4.5 OPC data type mapping .......................................... 4-10
5 FAST/TOOLS OPC DA client ............................................ 5-1
5.1 General ...................................................................... 5-1
5.2 Interaction with other parts of FAST/TOOLS .......... 5-1
5.2.1 BUS/FAST ................................................... 5-2
5.2.2 (D)COM ....................................................... 5-2
5.2.3 ITEM/FAST ................................................. 5-2
5.2.4 User interface (HMI) .................................... 5-2
5.2.5 OPC client setup-file .................................... 5-2
5.2.6 Data set services (DSS) ................................ 5-3
5.2.7 Save file ........................................................ 5-3
5.3 Runtime behaviour .................................................... 5-4
5.3.1 Heartbeat mechanism ................................... 5-4
5.3.2 Check the connection to the OPC server(s) . 5-4
5.3.3 Event queue mechanism ............................... 5-5
5.3.4 Reconnection mechanism ............................ 5-5
5.3.5 OPC group status ......................................... 5-5
5.4 OPC DA client configuration .................................... 5-6
5.4.1 Introduction .................................................. 5-6
5.4.2 OPC client process name ............................. 5-6
5.4.3 Starting and stopping the OPC client ........... 5-6
5.4.4 Setup-file parameters ................................... 5-7
5.5 Tricks and Tips ....................................................... 5-10
5.5.1 Use one server per client ............................ 5-10
5.5.2 Use quick-loads to configure OPC clients . 5-11
5.6 Windows Firewall and Security settings ................. 5-11
5.7 OPC DA Client DCOM tunnelling ......................... 5-11
5.7.1 Introduction ................................................ 5-11
5.7.2 Installing FAST/TOOLS DCOM tunneller 5-13
5.7.3 Setting up a DCOM tunnelling configuration 5-
13
5.7.4 Monitoring item status with INTMOM ..... 5-14
6 FAST/TOOLS OPC DA server .......................................... 6-1
6.1 Introduction ............................................................... 6-1
6.3 Some notes on the implementation of the server ...... 6-3
6.3.1 Introduction .................................................. 6-3
iv ACCESS/FAST System Integrator’s

Table of Contents
6.3.2 Server’s threads ............................................6-3

6.3.3 Server’s data cache .......................................6-4
6.3.4 Timestamp information ................................6-4
6.3.5 ProgID ..........................................................6-5
6.4 Starting the server ......................................................6-5
6.5 Stopping the server ....................................................6-5
6.6 Name space browsing ................................................6-6
6.7 Authorisation issues ...................................................6-8
6.8 OPC Server browsing ................................................6-9
6.9 Configuration .............................................................6-9
6.9.1 Introduction ..................................................6-9
6.9.2 DCOM configuration and security policy ..6-10
6.9.3 Windows Firewall .......................................6-17
6.9.4 Client-side settings .....................................6-23
6.9.5 Setup file parameters ..................................6-24
6.10 Trouble shooting ......................................................6-26
6.10.1 OCS Registry check utility .........................6-26
6.10.2 OPC server properly installed? ...................6-29
6.10.3 Server browser properly installed? .............6-29
6.10.4 OPC foundation DLL’s properly installed? 6-30
6.11 OPC DA Server DCOM tunnelling .........................6-31
6.11.1 Introduction ................................................6-31
6.11.2 Installing FAST/TOOLS DCOM tunneller 6-33
7 FAST/TOOLS OPC AE client .............................................7-1
7.1 General ......................................................................7-1
7.2 Interaction with other parts of FAST/TOOLS ...........7-1
7.2.1 Data set services (DSS) ................................7-2
7.2.2 OPC client setup-file ....................................7-2
7.2.3 (D)COM ........................................................7-2
7.2.4 ITEM/FAST ..................................................7-3
7.2.5 ALARM/FAST .............................................7-3
7.3 Quality code value .....................................................7-4
7.4 Runtime behaviour ....................................................7-4
7.4.1 Introduction ..................................................7-4
7.4.2 Initialisation ..................................................7-5
7.4.3 Heartbeat mechanism ....................................7-5
7.4.4 Check the connection to the OPC server(s) ..7-5
7.4.5 Reconnection mechanism .............................7-6
7.5 OPC AE client configuration .....................................7-6
7.5.1 Introduction ..................................................7-6
7.5.2 OPC AE client executable and process name 7-6
7.5.3 Stopping the OPC AE client .........................7-7
7.5.4 Setup-file parameters ....................................7-7
ACCESS/FAST System Integrator’s Manual v

Table of Contents
7.6 Tricks and Tips ......................................................... 7-9

7.6.1 Use one server per client .............................. 7-9
8 FAST/TOOLS OPC AE server ........................................... 8-1
8.1 Introduction ............................................................... 8-1
8.3 Some notes on the implementation of the server ...... 8-2
8.3.1 Introduction .................................................. 8-2
8.3.2 Supported events .......................................... 8-3
8.3.3 FAST/TOOLS AE server and OPC
(sub)conditions 8-3
8.3.4 Flow problems .............................................. 8-4
8.3.5 Server’s threads ............................................ 8-4
8.3.6 ProgID .......................................................... 8-5
8.3.7 Implementation of “Process Area” browsing 8-5
8.3.8 FAST/TOOLS priority to OPC severity mapping
8-6
8.4 Starting the server ..................................................... 8-7
8.5 Stopping the server ................................................... 8-7
8.6 Disabling condition acknowledgment ....................... 8-8
8.7 FAST/TOOLS specific event attributes .................... 8-8
8.8 OPC Server browsing ............................................... 8-9
8.9 Configuration ............................................................ 8-9
8.9.1 Introduction .................................................. 8-9
8.9.2 Setup file parameters .................................. 8-10
8.10 Trouble shooting ..................................................... 8-12
9 OPC Unified Architecture and FAST/TOOLS OPC UA
Client 9-1
9.1 General ...................................................................... 9-1
9.2 OPC Unified Architecture ......................................... 9-1
9.3 Protocols ................................................................... 9-2
9.4 Security ..................................................................... 9-2
9.5 Authentication ........................................................... 9-3
9.6 Authorization ............................................................ 9-3
9.7 Data Encryption and Data Integrity .......................... 9-4
9.8 More about OPC Unified Architecture ..................... 9-5
9.9 OPC UA Data Access Specification ......................... 9-6
9.9.1 Introduction ................................................. 9-6
9.9.2 The OPC UA Data Types ............................. 9-6
9.9.3 The OPC UA Data Access Variable Type Model
9-7
9.9.4 The DataItemType ....................................... 9-7
9.9.5 Additional properties .................................... 9-7
9.9.6 The AnalogType .......................................... 9-8
vi ACCESS/FAST System Integrator’s

Table of Contents
9.9.7 Additional properties ....................................9-8

9.9.8 The Discrete types ........................................9-8
9.9.9 The TwoStateDiscreteType ..........................9-8
9.9.10 The MultiStateDiscreteType .........................9-9
9.9.11 Variable Type mapping on FAST/TOOLS .9-9
9.9.12 Mapping of multi-dimensional variable types 9-
9
9.9.13 Mapping of status code .................................9-9
9.10 OPC UA Redundancy .............................................9-10
9.10.1 Introduction ................................................9-10
9.10.2 Client redundancy ......................................9-10
9.10.3 Server side redundancy ...............................9-10
9.10.4 Transparent Server redundancy ..................9-10
9.10.5 Non-Transparent Server redundancy ..........9-10
9.11 OPC UA Client integration .....................................9-11
9.11.1 Introduction ...............................................9-11
9.12 Configuring an OPC UA Client in FAST/TOOLS ..9-12
9.12.1 Subscribe for Data Changes and Events .....9-13
9.13 OPC UA engineering module tree ...........................9-14
9.14 Offline configuration ...............................................9-14
9.15 OPC UA line definition ...........................................9-14
9.15.1 OPC UA line definition functionality .........9-14
9.16 OPC UA station definition ......................................9-15
9.16.1 OPC UA station definition functionality ...9-15
9.17 OPC UA security certificates ..................................9-16
9.17.1 OPC UA Client certificate .........................9-16
9.18 OPC UA Subscription definition .............................9-17
9.18.1 OPC UA Subscription functionality ...........9-17
9.18.2 OPC UA point definition ............................9-17
9.18.3 OPC UA point definition functionality .....9-17
9.19 OPC UA client configuration ..................................9-18
9.19.1 Introduction ................................................9-18
9.19.2 OPC UA client process name .....................9-18
9.19.3 Starting the OPC UA client ........................9-18
9.19.4 Stopping the OPC UA client ......................9-18
9.20 Setup-file parameters ...............................................9-19
9.20.1 Example setup file settings (default): .........9-24
9.21 TIPS and Tricks .......................................................9-25
9.21.1 Use one server per client .............................9-25
9.21.2 Use quick-loads to configure OPC clients ..9-25
9.22 Quickload Example .................................................9-26
10 FAST/TOOLS OPC UA Server ........................................10-1
10.1 Introduction .............................................................10-1
ACCESS/FAST System Integrator’s Manual vii

Table of Contents
10.1.1 Definitions, Abbreviations and Acronyms . 10-1

10.1.2 Some notes on the implementation of the server
10-1
10.1.3 Interaction with other parts of FAST/TOOLS ...
10-1
10.1.4 SDK ............................................................ 10-2
10.2 OPC UA server usage ............................................. 10-4
10.2.1 OPC UA server process name .................... 10-4
10.2.2 Starting the OPC UA server ....................... 10-4
10.2.3 Stopping the OPC UA server ..................... 10-4
10.2.4 Configure items to be accessible by OPC UA ...
10-5
10.2.5 Authorization and Authentication .............. 10-7
10.2.6 Connecting an OPC UA client to the
FAST/TOOLS OPC UA server 10-8
10.3 OPC UA address space concepts ............................ 10-9
10.3.1 Node Model ................................................ 10-9
10.3.2 Attributes .................................................... 10-9
10.3.3 References .................................................. 10-9
10.3.4 Variables .................................................. 10-10
10.3.5 Properties ................................................. 10-10
10.3.6 Data Variables .......................................... 10-10
10.4 OPC UA server information model ...................... 10-11
10.4.1 OPC UA server address space browsing .. 10-11
10.4.2 OPC UA server Alarms and Conditions .. 10-15
10.4.3 OPC UA server Historical Data Access (HDA)
10-18
10.5 Trouble shooting ................................................... 10-21
10.5.1 No connection .......................................... 10-21
10.5.2 Fire wall ................................................... 10-21
10.5.3 No entities are visible ............................... 10-21
10.6 FAST/TOOLS OPXUAS setup file ...................... 10-22
10.6.1 General TAB: ........................................... 10-22
10.6.2 OPC UA Server TAB: .............................. 10-24
10.6.3 Logging TAB: .......................................... 10-25
10.7 OPC-UA Server toolkit configuration file ............ 10-26
10.7.1 Trace ......................................................... 10-26
10.7.2 <SerializerType>Binary ........................... 10-26
10.7.3 SecuritySettings ....................................... 10-26
10.7.4 OpenSSLStore: ......................................... 10-27
10.7.5 Server instance information ..................... 10-27
10.7.6 Build information ..................................... 10-27
10.7.7 User authentication .................................. 10-27
10.7.8 StackThreadPoolSettings ......................... 10-28
viii ACCESS/FAST System Integrator’s

Table of Contents
10.8 Discovery and Security Configuration ..................10-29

10.8.1 SDK Specific Configuration .....................10-29
10.8.2 General Concept .......................................10-29
10.8.3 Certificates, Certificate Store and Trust List 10-
30
10.8.4 Initial Server Configuration ......................10-31
10.8.5 Initial Client Configuration ......................10-33
10.8.6 Connection Configuration ........................10-34
10.8.7 Discovery ..................................................10-37
10.8.8 Certificate Management with GDS ..........10-39
11 Remote database copy ........................................................11-1
11.1 Introduction .............................................................11-1
11.2 Architecture .............................................................11-1
11.2.1 Configuration ..............................................11-2
11.2.2 Item and history data ..................................11-2
11.3 Limitations ...............................................................11-3
ACCESS/FAST System Integrator’s Manual ix

Table of Contents
x ACCESS/FAST System Integrator’s

Objectives Preface
0 Preface
0.1 Objectives
This manual is designed to provide system integrators with an overview
of the configuration possibilities of ACCESS/FAST.
0.2 Intended Audience

This manual is intended for system integrators who are familiar with
FAST/TOOLS in general, and particularly ACCESS/FAST. For
background information the reader is referred to the following
documents:
• DATABASE/FAST DSS System Integrator’s Manual.
• DATABASE/FAST DSS Language Manual.
• ODBC 2.0 Programmer’s Reference and SDK Guide.
• A Guide to the SQL Standard (Date, C.J. Addison-Wesley)
• The OPC Data Access specification (to be downloaded from the
OPC foundation web-site: www.opcfoundation.org)
0.3 Structure of this Document

The current release of ACCESS/FAST covers the ODBC and OPC
external interfaces of FAST/TOOLS. The first part of this document
(chapter 1 - 3) covers the ODBC functionality. The second part of this
document, covers the OPC functionality of the tool ACCESS/FAST.
0.4 Associated Documents

[1] DATABASE/FAST DSS System Integrator’s Manual
This manual contains a complete description of setting up DSS,
which is extensively used is used by ACCESS/FAST.
ACCESS/FAST System Integrator’s Manual 0-1

Preface Associated Documents
[2] HISTORY/FAST System Integrator’s Manual

This manual contains a description of the historical administration
of data, which can be retrieved using ACCESS/FAST.
[3] ALARM/FAST System Integrator’s Manual
This manual describes the alarm information and definitions,
which can be retrieved using ACCESS/FAST.
[4] ITEM/FAST System Integrator’s Manual
This manual describes the process signal data, which can be
retrieved using ACCESS/FAST.
[5] USER/FAST, FAST/TOOLS User Manual (new HMI style)
This manual provides information necessary for accessing
REPORT/FAST on your system.
[6] DATABASE/FAST DSS Language Manual
This manual describes the language used to define the data sets
accessible by ACCESS/FAST. Furthermore, it provides
additional information for accessing, creating, or deleting data
sets in the FAST/TOOLS environment, using the DSS-compiler.
[7] BUS/FAST Programmer’s Guide Volumes 1 and 3
ACCESS/FAST enables communication between Microsoft
ODBC enabled applications and applications using the
BUS/FAST message passing facilities. These manuals provide
additional information about the message passing facilities and
system conversion.
[8] FAST/CONVENTIONS Reference Guide
This manual supplies information about the standard message
layouts used within the FAST/TOOLS environment.
[9] FAST/TOOLS Installation Manual.
A description of the installation procedure for ACCESS/FAST.
[10] Using SimbaServer.
This manual provides information about the use of SimbaServer
and SimbaClient, in order to connect a FAST/TOOLS server with
Microsoft Windows client systems running ODBC enabled
applications.
[11] ODBC 2.0 Programmer’s Reference and SDK Guide
[12] OPC Data Access Custom Interface Standard (OPC foundation)
[13] OPC Alarm and Events (OPC foundation)
0-2 ACCESS/FAST System Integrator’s Manual

Conventions and abbreviations Preface
0.5 Conventions and abbreviations

The following conventions and abbreviations are used in this manual:
CONVENTION MEANING
() Used in routine syntax to indicate a list of
arguments that have to be passed.
<name> Indicates that <name> has to be replaced by the
actual function or statement argument.
[] Indicates that the enclosed item is optional.
[,...] Indicates that the previous item may be repeated
one or more times
{ }.. Indicates that the previous enclosed items may be
repeated one or more times
... Indicates that not all of the items are shown.
UPPERCASE Indicate reserved words and predefined letters
names, e.g. NULL, TRUE, DUR_NOWAIT.
n.u. not used
output This typesetting is used to indicate output on a
terminal
input This typesetting is used to indicate input from the
user
ABBREVIATION MEANING
API Applications Programming Interface
DA Data Access (in OPC context)
DSS DATABASE/FAST Data Set Services
ODBC Microsoft Open DataBase Connectivity
OPC OLE for Process Control
SQL Structured Query Language, according to the
X/Open and SQL Access Group SQL CAE
specifications of 1992

Preface Conventions and abbreviations

General Introduction to ODBC
1 Introduction to ODBC
1.1 General
This chapter introduces the reader to the functionality of the ODBC
functionality in ACCESS/FAST. The following items are discussed:
• Functionality of ODBC.
• Architectural overview of ODBC.
• Components of ODBC.
Required FAST/TOOLS components for the FAST/TOOLS ODBC
interface:
• BUS/FAST
Facilitates the message passing, error text management, and the
support library functions of FAST/TOOLS.
• DATABASE/FAST
Facilitates the Indexed Sequential Access Method to and from the
various database files within the FAST/TOOLS environment. In
addition DATABASE/FAST supplies the DSS functionality.
• ITEM/FAST
Facilitates the maintenance of the real-time and historical database
with process signal data of FAST/TOOLS.
• HISTORY/FAST
Facilitates the history management and the scheduling of history.
• ALARM/FAST
Facilitates the input of item-based events caused by status changes
and the input of non item-based events caused by application
programs, the acknowledgements of alarms by application
programs, the retrieval of alarm information by application
programs, the alarm recovery actions by application programs and
the notifications about changes in FAST/TOOLS definitions.
1.2 Functionality of ODBC

ACCESS/FAST is a tool in the FAST/TOOLS suite that, among others,
facilitates Microsoft Open DataBase Connectivity (ODBC) between
ODBC enabled applications and data from the various FAST/TOOLS
data sets. From an ODBC enabled application, such as a spreadsheet, it

Introduction to ODBC Architectural overview of ODBC
is possible to exchange information between FAST/TOOLS data sets

and the ODBC enabled application. ODBC allows this data exchange to
take place across a network, making it possible to access FAST/TOOLS
data sets remotely. ACCESS/FAST provides read and write access to
FAST/TOOLS data sets. It is not possible to create or delete data sets
with the FAST/TOOLS ODBC functionality.
The various layers of ODBC as defined by Microsoft take care of
presenting the data in the form of tables to ODBC enabled applications.
Accessing data from an ODBC enabled application is performed by
means of SQL queries on these tables. The user only has to supply the
query and the name of the data source from which the information is
retrieved. No further knowledge of the physical structure of the data is
required by the application.
The various FAST/TOOLS data sets are defined in a data dictionary.
Data set definitions can be added, modified or deleted, using the
DATABASE/FAST DSS Language compiler.
The communication between a FAST/TOOLS environment on a server
and the ODBC enabled applications on the various client systems is
handled by SimbaServer and SimbaClient using the TCP/IP network
protocol.
1.3 Architectural overview of ODBC
1.3.1 General overview of an ODBC interface
The general architectural overview of the ODBC concept is depicted in

Figure 1-1. Within the ODBC concept it is possible to distinguish four
different components: the ODBC enabled application, the ODBC Driver
Manager, the ODBC driver and the data source.

Architectural overview of ODBC Introduction to ODBC
ODBC enabled application

ODBC Driver Manager

ODBC ODBC ODBC
driver driver driver }ODBC
interface
data data data

source source source
Figure 1-1 Architectural overview of the ODBC concept.

ODBC enabled The ODBC enable applications are third party software applications,
applications which perform ODBC function calls in order to retrieve, manipulate,
create or delete data from the various data sources in a system.
ODBC The prime purpose of the ODBC Driver Manager is to load the ODBC
Driver drivers. Furthermore, it provides entry points to the ODBC functions of
Manager
the different drivers and validates sequences and parameters for the
ODBC calls. On each system the ODBC driver manager has its own
configuration file called “.odbc.ini”. This configuration file contains
information about which data sources are available and the names of the
drivers required to retrieve the data.
ODBC In response to the ODBC function calls, the ODBC driver performs
driver tasks like:
• Handling the communications with data sources,
such as establishing and terminating connections.
• Submitting SQL statements to data sources.
• Translating data to and from the desired format,
as requested by the ODBC enabled application.
• Returning the results from the queries to the application.
• Formatting the errors into standard error codes and returning them
to the application.
Note that the first task, as mentioned above, explicitly belongs to the

Introduction to ODBC Architectural overview of ODBC
ODBC driver. The other remaining tasks can also be performed by data
access software like database engines.
data source The data source, accessible by the ODBC interface, consists of various
tables. Each table in turn consists of records, which are filled with data
in the record’s fields. According to the Microsoft ODBC standard there
are two types of data sources; system and user. The system data source
is accessible by all the users working on the system, where the data
source is located. The user data source is only accessible by the user, as
defined by the system where the data source is located.
The installation and removal of the different ODBC drivers and data
ODBC source specifications is done, using an ODBC Driver Administrator
Driver application. In most cases this is done by the Microsoft ODBC Driver
Administrator
Administrator.
1.3.2 ODBC configurations
Microsoft defines two different types of ODBC configurations: the

single-tier and multiple-tier configuration. The main difference between
the two configurations is the location of the data access software or the
so-called database engine, see Figure 1-2.
Single-tier Multiple-tier
configuration configuration
Client system Client system
• ODBC enabled application • ODBC enabled application
• ODBC Driver Manager • ODBC Driver Manager
• ODBC driver • ODBC driver
(includes data
access software)
Network
Server system Server system

• Data sources • Data access software
• Data sources
Figure 1-2 General concept of a single-tier (left-hand side) and a

multiple-tier (right-hand side) ODBC configuration

Architectural overview of ODBC Introduction to ODBC
single In a single-tier implementation, one can distinguish the following

tier components:
• The ODBC enabled application
• The ODBC Driver Manager
• The ODBC driver (including data access software).
• The data source.
In general the ODBC enabled application, the ODBC Driver Manager
and the ODBC driver reside together. The data source can be located on
either the same computer or another (server) computer in a network. In
this case the driver not only handles the SQL calls but also contains the
data access software which is responsible for retrieving the data from the
data source.
multiple In a multiple-tier implementation, one can distinguish the following

tier components:
• The ODBC enabled application.
• The ODBC Driver Manager.
• The ODBC driver.
• The data access software.
• The data source.
Once again, the ODBC enabled application, the ODBC Driver Manager
and ODBC driver reside on one (client) system. However, both the data
access software and the data sources reside on a different (server)
system. This is preferable to a single-tier configuration when operating
in a client-server environment, because the raw data does not need to be
pulled over the network. The information will be formatted before it is
transmitted to the client, reducing the amount of network traffic.
ACCESS/FAST provides the data access software for FAST/TOOLS. In
the FAST/TOOLS environment the data is stored in data sets. The
definition of the record layout and other properties of a data set, is done
DSS via the DSS Language (see [6]). The definition of a data set, expressed
Language in the DSS Language, reside in a DSS-file. The only way to create,
change or remove data sets from the FAST/TOOLS environment is by
means of the DSS-compiler and DSS-files on the FAST/TOOLS server
(not remotely). As a result of this, it should be clear that the ODBC
functionality in ACCESS/FAST, is a multiple-tier ODBC interface.

Introduction to ODBC Components of the FAST/TOOLS ODBC interface
1.3.3 ODBC conformance levels
Due to the fact that data sources and the ODBC drivers provide a varying
conformance range of functionality, the ODBC standard defines conformance levels.
level These conformance levels determine the ODBC procedures and SQL
statements supported by the ODBC driver. The ODBC conformance
levels can be divided into two parts; one being the ODBC API functions
and the other one being the SQL grammar (see [11]).
The API conformance level defines a set of core functions, used to
connect to a data source and can be divided into three levels; core, level
1 and level 2.
The SQL conformance level defines the SQL grammar used by the
database and can be divided into three levels; minimum, core and
extended.
The ODBC functionality in ACCESS/FAST is based on the following
conformance levels; API conformance level “1” and SQL conformance
level “minimum”.
1.4 Components of the FAST/TOOLS ODBC

interface
1.4.1 General
Figure 1-3 shows how the multiple-tier ODBC interface can be divided
into a client part and a server part. The communication between the
client and the server is handled using a TCP/IP network. In this section
the different ODBC components on the server and client system are
discussed.

Components of the FAST/TOOLS ODBC interface Introduction to ODBC
Client System A Client System B
ODBC Driver Manager ODBC Driver Manager

(e.g. Microsoft ODBC32.DLL) (e.g. Microsoft ODBC32.DLL)
ODBC driver ODBC driver ODBC driver ODBC driver

type A type B type A type C
(e.g. Simba (e.g. MS Access) (e.g. Simba- (e.g. Oracle)
Client Client
SIMCLT32.DLL) SIMCLT32.DLL)
TCP/IP
network
Data Access Manager
Data Access Software Data Access Software

type A type B
(e.g ACCESS/FAST) (e.g Oracle)
Data Data
source source
A’ B’
Server System A
(Unix or NT)
= ODBC enabled application, e.g. MS Excel
Figure 1-3 Architectural overview of FAST/TOOLS ODBC interface

1.4.2 Client system
As shown in Figure 1-3, the following applications and ODBC

components must be installed on the client system:
• Microsoft Windows version 95/98/ME/2000 or NT 4.0 (work
station).
• An ODBC enabled application, like Microsoft Excel,
Crystal Reports, or Microsoft Access.
• Microsoft ODBC Driver Manager version 2.5.
• SimbaClient ODBC driver and administrator.
• TCP/IP network software.
ODBC enabled application environment
It should be noted that on client systems, the 32-bit address versions of

the ODBC enabled applications are required. In case of using the 16-bit
address version of an ODBC enabled application, one should install the
Microsoft ODBC Dynamic Link Libraries (DDL) used for conversion
between 16-bit and 32-bit addressing; the so-called “thunking” libraries.
In order to transport data between the client and server systems (and the
third party software products SimbaClient and SimbaServer) TCP/IP
network software is required.
ODBC Driver Manager
The ODBC conformance levels of the third party software products

SimbaClient and SimbaServer require version 2.5 of the Microsoft
ODBC Driver Manager.
SimbaClient
At connection time the SimbaClient sends a request to identify the the

known SimbaServer servers within the network neighbourhood, in order
to update their lists of available system data sources. After identification
of the available SimbaServer servers, each server is asked for a list of
data sources available on that server.

Components of the FAST/TOOLS ODBC interface Introduction to ODBC
SimbaClient Administrator
The SimbaClient Administration Utility is used to specify from which

SimbaServer data sources should be retrieved. This is configured by
entering the IP address of the FAST/TOOLS’ server system. It should be
noted that the data sources, which are accessible to SimbaClient, can
either be a system or a user data source. Special care should be taken in
defining the data sources. A data source which is installed as both
system and user can result in a conflicting situation.
1.4.3 Server system of ODBC interface
The following ODBC components and applications must be installed on

the server system:
• TCP/IP network software.
• FAST/TOOLS environment.
• SimbaServer ODBC data access manager.
• ACCESS/FAST (at least the ODBC functionality must be licensed)
FAST/TOOLS environment
In order to access the desired data sources, the FAST/TOOLS

environment must be running on the server system. To create, change,
or remove data sets from the data dictionary, the DSS-compiler is
needed (see [6]). The various FAST/TOOLS data sets together form a
single ODBC data source.
ODBC data access manager
The ODBC Data Access Manager on the server side is implemented by

the third party software product SimbaServer. The Data Access
Manager handles the communication with the ODBC driver
(SimbaClient) on the client system by handling connection requests
from the various SimbaClients for connections to the data sources on the
server systems. It is also responsible for updating system data source
information to the various SimbaClient systems. The Data Access
Manager translates requests from SimbaClient and passes them to the
FAST/TOOLS “ODBC engine”.

ACCESS/FAST (ODBC functionality)
ACCESS/FAST ODBC processes requests by using DSS and, in case of

“read requests”, supplies the results of queries to the SimbaServer again.
The ODBC functionality in ACCESS/FAST (the FAST/TOOLS
“ODBC engine”), performs the following tasks:
• Transforming FAST/TOOLS data set structures into fields which
conform to SQL ANSI standard, and visa versa.
• In case of “read requests”, collecting the required data via the
DSS-API, from the various data sets, and passing them through the
data access manager to the client system.
In case of “write/update requests”, pass the supplied data via the
DSS-API to the FAST/TOOLS data sets.

Introduction Using ODBC functionality
2 Using ODBC functionality
2.1 Introduction
This chapter discusses the process of setting up an ODBC connection to
FAST/TOOLS using ACCESS/FAST. This chapter is divided into the
following parts:
• Setting up an ODBC connection to FAST/TOOLS.
• Accessing FAST/TOOLS information from an ODBC enabled
application.
• Commonly occurring errors in an ACCESS/FAST ODBC session.
2.2 Setting up an ODBC connection
2.2.1 Software installation
For purposes of illustration a client-server configuration will be

assumed. The client and server systems must be connected via a network
using TCP/IP. It is also possible to install both client and server parts on
a single machine. In this case the installation and principal of operation
is the same.
On the client system (a laptop or desktop PC for example), the following
applications must be correctly installed and running. Note that it is not
necessary to install FAST/TOOLS on the client system.
• The ODBC enabled application (e.g Microsoft Excel).
• Microsoft ODBC Driver Manager version 2.5. This is normally
included with Microsoft Windows operating systems and doesn’t
require separate installation.
• SimbaClient ODBC driver.
On the server system the following applications must be correctly
installed and running:
• SimbaServer. This is responsible for managing the data access
software.
• ACCESS/FAST.
A license for the FAST/TOOLS ODBC functionality in

Using ODBC functionality Setting up an ODBC connection
ACCESS/FAST is needed.
• FAST/TOOLS server environment. Even in a multi-node
FAST/TOOLS configuration, the data set definitions are
maintained on the server. The following FAST/TOOLS modules
must be present:
- AUDIT/FAST
- BUS/FAST
- DATABASE/FAST
- HISTORY/FAST
- ITEM/FAST
- INTEGRATION
2.2.2 Software configuration
The default configuration allows a client and server set-up on a single

node to be run without any further intervention. However if the client is
running on a different node, it will be necessary to tell SimbaClient on
which node to look for its FAST/TOOLS data. This can be done by
specifying the IP address of the server machine in the SimbaClient
configuration Utility. This utility is described in more detail in chapter
3. There are also a number of other areas where it may be necessary to
tailor the configuration. The following configuration areas can be
identified:
1 FAST/TOOLS data sets
The system integrator is capable of modifying or adding data sets
to the FAST/TOOLS system. These data sets will automatically
become visible to an ODBC enabled application when the
FAST/TOOLS data source is accessed. Configuring data sets is
beyond the scope of this document and is described in detail in
reference [6].
2 ACCESS/FAST
The way in which data sets are accessed and presented to an ODBC
enabled application can be configured to a certain degree. Setting
up the ODBC part of ACCESS/FAST is described separately in
chapter 3.
3 SimbaClient
SimbaClient communicates with the SimbaServer software running
on the server machine. Depending on the network configuration it
may be necessary to modify the SimbaClient settings. This is
always required in case the client and server are running on
different nodes. Setting up SimbaClient is described separately in

Accessing FAST/TOOLS information Using ODBC functionality
chapter 3.
2.3 Accessing FAST/TOOLS information
2.3.1 General
Provided the software installation has been successful and all

components are running, the FAST/TOOLS data source will be visible
to an ODBC enabled application. No further intervention should be
necessary. The ODBC enabled application will allow the FAST/TOOLS
data source to be selected and SQL queries to be made on the data sets.
This subsection briefly describes how this works.
2.3.2 The ODBC connection
When the server machine is booted up, the SimbaServer service will be
started automatically. By starting FAST/TOOLS including
ACCESS/FAST, FAST/TOOLS is made visible as a data source to
SimbaServer.
After SimbaClient has been installed on the client machine it must be
told from which SimbaServer to retrieve its data from. This is done by
means of the SimbaClient configuration utility (see chapter 3). The same
utility can be used to force SimbaClient to check on the fly for new data
sources and also includes a report feature which shows which nodes on
the network have data sources available. If configuration is correct, the
IP address of the server will be visible. By selecting more detail about
this node, the FAST/TOOLS data source name should be displayed.
The exact procedure for accessing data from an ODBC enabled
application differs per application, but the principal is the same for all of
them. Initially a list will be displayed of all the data sources available
together with their related drivers. In the case of FAST/TOOLS this will
indicated as “<host>:FAST/TOOLS ODBC Driver”, where “<host>” is
the host name of the server machine. Selecting this data source will
generate a connection request. ACCESS/FAST will look-up the
available data sets and the Simba software will take care of presenting
these as SQL tables to the application. The next step is to run SQL
queries on these tables from within the application in order to display the
desired information.

Using ODBC functionality Commonly occurring errors
Note that wildcard handling in MS applications may differ slightly from

the standard SQL syntax. SQL uses the ‘%’ character to match zero or
more characters and ‘_’ to match any single character in a LIKE
predicate. MS Office can use the ‘*’ and ‘?’ characters respectively to
perform the same functions. Care should be taken when accessing
FAST/TOOLS definitions that contain an ‘_’ or ‘%’ as part of the name.
Make sure that if these characters are used as parts of names, that they
are not translated as wildcards in a LIKE predicate by placing the escape
character (‘\’) before them in the expression string.
2.4 Commonly occurring errors

The most commonly errors that may occur during an ODBC session, are
described below:
SQLConnect API function returns:
SQL_ERROR = -1
SQLError API function returns:
SQL State = IM003
Error message:
“[Microsoft] [ODBC Driver Manager] Specified
driver could not be loaded”.
Problem cause:
The SimbaClient ODBC driver is missing or not correctly
installed on the current client system.
Solution:
Re-install the SimbaClient ODBC driver on the current
client system.

SQL_ERROR = -1
SQL State = IM003
Error message:
“Driver SQLSetConnectAttr failed. Specified
driver could not be loaded due to system error

Commonly occurring errors Using ODBC functionality
[Driver name]”.
Problem cause:
The FAST/TOOLS data access software is missing or not
correctly installed on the server system.
Solution:
Check that ACCESS/FAST has been installed correctly on
the server and if necessary re-install it.

SQL_ERROR = -1
SQL State = IM002
Error message:
“[Microsoft] [ODBC Driver Manager] Data source
name not found and no default driver
specified”.
Problem cause:
The data source is not known to the client system.
Solution:
Update the “.odbc.ini” file using the SimbaClient
Configuration Utility.

SQL_NO_DATA_FOUND = 100
SQL State = 08S01
Error message:
“[Simba] [Simba ODBC Driver] [SimbaClient]
[SimbaClient LNA] SimbaClient cannot access
the data source because SimbaServer is not
running at the specified port number. Contact
your system administrator for assistance”.
Problem cause:
SimbaServer is not running on the specified server system
or the port number on the server system and the

SimbaClient port number on the client system are not

equal.
Solution:
Check if SimbaServer is running on the specified server
system, if not start SimbaServer. Else check if the earlier
mentioned port numbers are equal, if not use SimbaConfig
to change the SimbaServer port number on the server
system or use the SimbaClient Configuration Utility to
change the SimbaClient port number.
SQL_ERROR = -1
SQL State = S1000
Error message:
“[Simba] [SimbaClient ODBC Driver] [SimbaLNA]”.
Problem cause:
SimbaServer is running on the specified server system, but
SimbaServer is unable to load the specified ODBC driver.
Solution:
Check if there exists an equivalent named section in the
“.odbc.ini” file, if not add the required section to the file.
Next, check if the correct ODBC driver library is
mentioned in the required section. Finally, check if the
system environment is correctly set for the required ODBC
driver.

SQL_ERROR = -1
SQL State = 01002
Error message:
[SimbaClient LNA] Disconnect error; Transition
rolled back”.
together with
SQL State = 08S01

Commonly occurring errors Using ODBC functionality
Error message:
[SimbaClient LNA] You have been unexpectedly
disconnected from the server. Re-start your
application, then access the data source again.
Contact your system administrator if you still
need assistance”.
Problem cause:
During the time that an ODBC enabled application makes
a connection to the ACCESS/FAST ODBC driver, the
ODBC driver tries to connect to the FAST/TOOLS
environment using BUS/FAST. If BUS/FAST is not started
or if ACCESS/FAST is not able to communicate with
BUS/FAST, then the driver is interrupted. This interrupt
results in a sudden disconnection between the ODBC
enabled application and the ODBC driver.
Solution:
Check if BUS/FAST is started on the FAST/TOOLS server
system, if not start the FAST/TOOLS environment.
Otherwise check if ACCESS/FAST is able to communicate
with BUS/FAST by using the BUS/FAST DUR Display
Utility.


Introduction Configuring ODBC functionality
3 Configuring ODBC functionality
3.1 Introduction
This chapter explains how to configure the ODBC functionality of
ACCESS/FAST to meet particular (customer-dependent) requirements.
The following are described:
• Setting up ACCESS/FAST.
• Setting up SimbaServer and SimbaClient.
The “ODBC engine” in ACCESS/FAST obtains its information from the

FAST/TOOLS data sets. Modifying the definition of these data sets can
be done with the help of the DSS compiler. See reference [6] for how to
use the DSS compiler.
Most of the FAST/TOOLS processes use their own particular set-up

files. The set-up files are read when the process is initialized and define
its behavior. In the case of the FAST/TOOLS ODBC interface, the setup
file is called “odbsys.sup”. As usual, it resides in the FAST/TOOLS
set-up directory.
Furthermore, a number of ODBC related system related initialization

files are also used. The names of these files differs slightly depending on
the operating system. These files are automatically updated by the
ODBC software and are mentioned here for completeness. Under
normal circumstances it is not necessary to modify these files by hand.
Under Unix systems the following files are used, which are located in
the user’s home directory:
• .odbc.ini
Under Microsoft Windows these file are keys in the registry:

• HKEY_LOCAL_MACHINE/SOFTWARE/ODBC/odbc.ini
• HKEY_LOCAL_MACHINE/SOFTWARE/ODBC/odbcinst.ini
For clarity these files will be referred to as “odbc.ini”, and

“odbcinst.ini” in the remainder of this document.

Configuring ODBC functionality Set up file parameters ODBC functionality
The file “odbcinst.ini” contains entries for all the installed ODBC
drivers and is present on the client side. The file “odbc.ini” lists which
data sources are available and which ODBC drivers are used to handle
them.
The Microsoft ODBC Driver Manager uses “odbc.ini” and
“odbcinst.ini”. When an ODBC application wants to open a data
source, the data source name will be looked up in “odbc.ini”. in order
to determine which driver to use. Specific information about the driver
will then be read from “odbcinst.ini”.
As an ODBC driver, SimbaClient uses “.odbc.ini”. Updating the
known data sources using the SimbaClient configuration utility will
update this file.
SimbaServer uses the file “odbc.ini” to obtain information about the
data access software in this case.
3.2 Set up file parameters ODBC functionality

The settings for the FAST/TOOLS ODBC driver are defined in the
set-up file “odbsys.sup” located in the FAST/TOOLS set-up directory.
Many of the keywords in this file are related to how fields are presented
to the ODBC enabled application.
Keyword:
TABLE_SUPPRESSION
Description:
Defines whether the data sets that have been flagged as
“hidden” in the FAST/TOOLS data dictionary will be
invisible to the ODBC enabled applications. By default this
option is active.
Syntax:
TABLE_SUPPRESSION = yes|no
Example:
TABLE_SUPPRESSION = yes
Keyword:
FIELD_SUPPRESSION

Set up file parameters ODBC functionality Configuring ODBC functionality
Description:
Defines whether the fields in a FAST/TOOLS data set have
been flagged as “hidden” will be invisible to the ODBC
enabled applications. By default this option is active.
Syntax:
FIELD_SUPPRESSION = yes|no
Example:
FIELD_SUPPRESSION = yes
Keyword:
LOGIN_REQUIRED
Description:
Defines whether the user of an ODBC enabled application
is forced to supply a user name and password for accessing
a FAST/TOOLS data set. Both the user name and password
must be valid for the FAST/TOOLS environment which
the user wants to access. By default this option is active.
Syntax:
LOGIN_REQUIRED = yes|no
Example:
LOGIN_REQUIRED = yes
Keyword:
TRACE
Description:
Defines whether the “ODBC engine” on the server system
logs tracing information. Activating this option results in
information about the calls and exits of the routines used by
the ODBC driver. This option results in a considerable loss
of performance and should be used for trouble shooting
purposes only. By default this option is inactive.
Syntax:
TRACE = yes|no
Example:
TRACE = no

Configuring ODBC functionality Set up file parameters ODBC functionality
Keyword:
TRACE_EXT
Description:
Defines whether the FAST/TOOLS ODBC driver on the
server systems logs additional, detailed information of the
routines used by the ODBC driver. This option results in a
considerable loss of performance and should be used for
trouble shooting purposes only. By default this option is
inactive.
Syntax:
TRACE_EXT = yes|no
Example:
TRACE_EXT = no
Keyword:
TRACE_FILE
Description:
Defines the file path and file name to which the tracing
information is directed. If no file path and name is specified
then the tracing information is directed to “stdout”. By
default the tracing information is directed to “stdout”.
Syntax:
TRACE_FILE = “<file path><file name>”
Example:
TRACE_FILE =
TRACE_FILE = “/tls/log/odbctrace.log”
Keyword:
USER
Description:
Defines the FAST/TOOLS user who’s authorizations will
be used in case login is not required (see
“LOGIN_REQUIRED”). When no login is required and
this keyword is omitted then an ODBC client has no access
restrictions.

Setting up SimbaClient Configuring ODBC functionality
Syntax:
USER = <user name>, [<password>]
Example:
USER = JOHN, “hgdsa5”
USER = GUEST
3.3 Setting up SimbaClient

SimbaClient passes the SQL statements from the ODBC enabled
application to the SimbaServers on the network and returns the
requested data from the SimbaServers to the ODBC enabled
applications. There are a number of ways to update the list of data
sources available on the various SimbaServers in the network:
• Running the SimbaClient Configuration Utility.
An update option is available which polls the network for data
sources available from SimbaServer.
• Accessing a SimbaServer data source using an ODBC enabled
application.
The data source can be referred to directly by name.
By default SimbaClient runs in background under the user account.
To set up SimbaClient, it is advisable to use the SimbaClient
Configuration Utility. During the installation of SimbaClient this utility
is not added to the “Start Menu” of the Windows environment. This is
due to the sensitivity of the various items of SimbaClient which can be
changed. Users should take special care when using this utility. The
SimbaClient Configuration Utility offers the possibility to:
• Update the data source list.
• Remove data sources from the list
• Report on the data sources currently available to the user.
• Specify the IP address and port number of the SimbaServer with
which to communicate.
• Enable automatic data source list updates.
The SimbaClient Configuration Utility is located in the SimbaClient

installation directory (default directory on windows system
“c:\Program Files\Simba Technologies\SimbaClient”) and is

Configuring ODBC functionality Setting up SimbaClient
Figure 3-1: Dialog box of the SimbaClient Configuration Utility
called “simutl32.exe”. The dialog box of the SimbaClient

Configuration Utility is shown in Figure 3-1:.
To update the list of ODBC data sources press the “Update” button at
the top of the dialog box from the SimbaClient Configuration Utility.
After a short time the number of updated data sources will be reported.
These will be added to the list of data sources in the “.odbc.ini” and
can be listed using the “Detail...” button.
By default, the data source information of the various SimbaServers is
stored under the user’s account in the registry under the key
“HKEY_CURRENT_USER/SOFTWARE/ODBC/odbc.ini”. However,
in some cases it is desirable to store the data source information in the
system account. An example of this case is an ODBC enabled
application which only uses system-wide data sources, e.g. web server
software. The system account is located in the registry under the key
“HKEY_LOCAL_MACHINE/SOFTWARE/ODBC/odbc.ini”. Using
the check box in the SimbaClient Configuration Utility, one is able to
change from the user’s account to the system account.
It may be necessary to remove data sources from the list. This is only
required if a FAST/TOOLS server is no longer available or should no
longer be accessible from the client. Pressing the “Remove...” button
in the SimbaClient Configuration Utility causes the “Remove Data
Sources” dialog box to appear, see Figure 3-2:. To remove all listed

Figure 3-2: Dialog box for the removal of data sources.
ODBC data sources press the “Select All” button, followed by the
“Remove” button. To remove a single listed data source, highlight the
data source by setting the mouse pointer on the desired item to select it
and press the “Remove” button. To deselect items in a list of selected
data sources, highlight the selected item again or use the “Clear All”
button to deselect all selected items. Use the “Close” button to quit the
dialog.
Figure 3-3: Dialog box for the list of connected SimbaServer data
sources.
To generate a detailed report of the data sources press the “Report...”

button at the top of the SimbaClient Configuration Utility. The “Data
Source Report” dialog box will appear, see Figure 3-3:. This dialog box
displays a list of SimbaServers by name as well as IP address and the

action taken if the “Update” button in the SimbaClient Configuration

utility is pressed. Pressing the “Detail...” button on the left side of the
dialog box, after selecting a server name from the list, results in a list of
ODBC data sources on the selected server. Furthermore, the data source
report can be saved to disk using the “Save” button.
Figure 3-4: Dialog box showing the detailed Data Source Report.
Figure 3-5: The Advanced Data Source Management dialog
By default, SimbaClient will look for a SimbaServer on its own

machine. By means of the “Advanced...” button, the address of a
SimbaServer can be specified. This option must be used in case
SimbaServer is running on another machine. A dialog form appears
where the IP address and port number of the SimbaServer can be

specified. Fill in the IP address of the machine on which SimbaServer

and FAST/TOOLS is running. The port number should be set to 1583,
which is the number reserved for use by SimbaServer. The Simba
Services Port number must match the port number of the SimbaServer
to be contacted. SimbaClient can not connect to SimbaServer if the port
numbers are not the same. After a server has been specified, return to the
main dialog with the “OK” button and use the “Update” function to
retrieve the data sources available from that server.
To use SimbaClient stand-alone (a system with FAST/TOOLS and

SimbaClient that is not connected to the network) the following entry in
the registry must be changed:
HKEY_LOCAL_MACHINE/SOFTWARE/ODBC/ODBC.INI/
<systemname>:FAST/TOOLS_C32/ServerName (<systemname>
should be replaced with the name of the system).
It must be set to: ‘127.0.0.1.1583’ to contain the ethernet loopback
address.


General Introduction to FAST/TOOLS OPC interface
4 Introduction to FAST/TOOLS
OPC interface
4.1 General
This chapter introduces the reader to the functionality of the
FAST/TOOLS OPC interface.
As such this chapter describes:
• What OPC stands for and what kind of problems the standard and
its implementations are going to solve.
• How OPC is used in the FAST/TOOLS product and what kind of
basic architectures can be used.
• Some miscellaneous information e.g.
- The representation of OPC item quality codes upon
FAST/TOOLS quality codes and vice versa.
The following chapters describe more specifically the FAST/TOOLS

OPC client and server functionality.
4.2 OPC
OPC stands for OLE for Process Control. It is an industry standard
created with the collaboration of a number of leading worldwide
automation and hardware software suppliers. The purpose of the
standard is to provide “plug-and-play” interoperability between data
consumer- and data producer components in an information system.
OPC provides a common interface for communicating with diverse
process control devices, regardless of the controlling software or devices
in the process.
The general idea is that vendors of process devices or SCADA packages,
provide OPC servers whose interfaces comply with the OPC standard.
Any OPC client that complies with the OPC standard, is able to
communicate with any of those servers, regardless of the vendor specific
implementation of the process device or SCADA package.
Previously, with the lack of such a standard, vendors tended to
create/use all kinds of drivers to be able to interact with (“foreign”)
devices or software packages. This situation has been depicted in Figure

Introduction to FAST/TOOLS OPC interface OPC
4-1.
Application A Application B
Device/ Device/ Device/ Device/

Package Package Package Package
A B C D
Figure 4-1 Before standardization
With OPC, both the client as well the server side of an application, only
have to focus on one set of standard interfaces. This has been depicted
in Figure 4-2.
Application A Application A
OPC client side OPC client side
interface interface
(D)COM
OPC server OPC server OPC server OPC server

side interface side interface side interface side interface
Device/ Device/ Device/ Device/
Package Package Package Package
A B C D
Figure 4-2 OPC standardization
The OPC standard is based on Microsoft’s (D)COM technology.

(D)COM is a standard part of the Windows operating system. (D)COM
stands for (Distributed) Component Object Model. (D)COM is a binary
standard which makes it possible to perform “transparent
communication” between “software components” residing on the
network (i.e. either local or remote). By “transparent communication”

FAST/TOOLS and OPC Introduction to FAST/TOOLS OPC interface
we mean, that the software using (D)COM is not concerned with

inter-node communication aspects. Software components using
(D)COM, see no difference between communicating with local
components or communicating with remote components. (D)COM
makes it possible to ignore where a software component runs.
It is this (D)COM technology, that OPC clients and servers use, to
communicate with each other.
If you are interested in more information about the (D)COM technology,
please consult the appropriate Microsoft documentation.
The OPC standard is managed by the OPC foundation. The objective for
this OPC foundation is the development of an open, flexible,
plug-and-play standard. This standard should allow end users to have a
greater choice of solutions and to reduce development and maintenance
costs for hardware and software suppliers.
If you are interested in more detailed information regarding the OPC

foundation and the OPC standard, please visit the web-site of the OPC
foundation (www.opcfoundation.org).
4.3 FAST/TOOLS and OPC
4.3.1 Introduction
For the FAST/TOOLS product, the Alarm&Event (AE) part and the
Data Access (DA) part of the OPC standard have been implemented.
For both AE and DA, an OPC client as well as an OPC server have been
implemented for the FAST/TOOLS product.
Because of this functionality:
• Third party OPC Alarm&Event clients can obtain OPC condition
events for FAST/TOOLS items switching to an “active” alarm
state. Optionally the condition events can be acknowledged.
Furthermore, the OPC Alarm&Event clients have the possibility to
browse the FAST/TOOLS event areas (OPC notion) and available
event sources.
• FAST/TOOLS can access (third party) OPC Alarm&Event servers
to receive condition events (OPC notion) sent by these servers.
The information present in these condition events, is projected in
FAST/TOOLS items to make it generally available to other

Introduction to FAST/TOOLS OPC interface FAST/TOOLS and OPC
FAST/TOOLS functions.
• Third party OPC Data Access clients can get (read/write) access to
dynamic item data (value and quality information) in both a
synchronous and asynchronous manner.
In addition to this, the Data Access clients have the possibility to
get this dynamic data in an event oriented way.
Furthermore, Data Access clients have the possibility to browse the
name space of a FAST/TOOLS system, to “discover” which items
and sub-items are currently defined in the FAST/TOOLS system.
• FAST/TOOLS can access (third party) OPC Data Access servers to
read and/or write value/quality data offered via these servers.
The value/quality data made available by these servers is projected
in FAST/TOOLS items to make it generally available to other
FAST/TOOLS functions.
4.3.2 Architectures
Due to the underlying COM/DCOM technology, which is natively

implemented on Windows platforms, the FAST/TOOLS OPC servers as
well as the FAST/TOOLS OPC client, must run on a Windows platform.
This however, does not prevent the ability to apply the FAST/TOOLS
OPC interface in a mixed configuration with UNIX systems.
In the remaining part of this section, some basic architectures have been
depicted to give an impression of the possibilities. These examples are
typical basic configurations. Several variations on the conceptual
architectures presented here, are possible.
4.3.3 OPC server centric basic architectures
Figure 4-3, depicts a configuration where a single Windows platform

contains all FAST/TOOLS functionality. The picture focuses on the use
of the FAST/TOOLS DA server, which acts as standard “gateway” for
(third party) OPC clients to FAST/TOOLS name-space- and item data.
However the picture also applies to the FAST/TOOLS AE server.

An OPC COM F/T OPC

client server
DUR
Other F/T
parts
Windows
platform
Figure 4-3 FAST/TOOLS as OPC server, single node solution,

Windows platform only
Figure 4-4, shows a configuration in which the FAST/TOOLS and

particularly the FAST/TOOLS OPC functionality, is distributed across
a number of Windows platforms. The (third party) OPC client can
connect to either or both of the FAST/TOOLS OPC DA servers to obtain
the required functionality. What this figure also shows is that the
FAST/TOOLS OPC DA server can interact with both “local” and
“remote” FAST/TOOLS components to provide the required
functionality (e.g. obtaining the value attribute of a local front-end item
or reading the FAST/TOOLS name-space information from a data set
stored in a “remote” node).
An OPC COM F/T OPC DCOM F/T OPC

client server server
DUR DUR
Other F/T MDUR Other F/T

parts parts
Windows Windows
platform platform
Figure 4-4 FAST/TOOLS as OPC server, distributed solution,

Figure 4-5 shows a configuration with multiple nodes again. The
configuration not only consists of Windows platforms but also contains
a UNIX platform. For example the UNIX platform could be the “host
node”, where most of the FAST/TOOLS functionality is running. The

Introduction to FAST/TOOLS OPC interface FAST/TOOLS and OPC
Windows platform in this example acts as a workstation where,

interaction with the FAST/TOOLS is regulated through the OPC server
via a (third party) OPC client.
An OPC COM F/T OPC

client server
DUR
Other F/T MDUR Other F/T

parts parts
Windows Windows- or UNIX
platform platform
Figure 4-5 FAST/TOOLS as OPC server, distributed solution,

Windows and UNIX platforms
4.3.4 OPC client centric basic architectures
Figure 4-6, depicts a configuration where a single Windows platform

contains all FAST/TOOLS functionality. The picture focuses on the use
of the FAST/TOOLS DA client, which is used by the FAST/TOOLS as
interface to (third party) OPC servers.
Other F/T DUR F/T OPC

parts client
COM
An OPC
server
Windows
platform
Figure 4-6 FAST/TOOLS as OPC client, single node solution,

Figure 4-7, shows a configuration in which the FAST/TOOLS and

particularly the FAST/TOOLS OPC functionality, is distributed across
a number of Windows platforms. The FAST/TOOLS connect to (third

party) OPC servers via the FAST/TOOLS OPC client either locally or
remote. The FAST/TOOLS OPC client itself, can interact with both
“local” and “remote” FAST/TOOLS components to provide the
required functionality.
MDUR
Other F/T DUR F/T OPC Other F/T DUR F/T OPC
parts client parts client
COM COM
An OPC DCOM An OPC

server server
Windows Windows
platform platform
Figure 4-7 FAST/TOOLS as OPC client, distributed solution, Windows

platform only
Figure 4-8 again, shows a configuration with multiple nodes. The
configuration not only consists of Windows platforms but also contains
a UNIX platform. For example the UNIX platform could use the
Host-Host Coupling equipment manager to connect to the Windows
platform. The Windows platform in this example acts as a remote host
where via the FAST/TOOLS OPC-client, data acquisition functionality
is implemented.
For technical reasons it is not possible to use the OPC functionality in a
distributed system with a UNIX host and a Windows front-end.
Other F/T DUR F/T OPC DUR Other F/T

parts client parts
COM
An OPC
server
Windows Windows- or UNIX
platform platform
Figure 4-8 FAST/TOOLS as OPC client solution using Windows and

UNIX platforms

Introduction to FAST/TOOLS OPC interface Quality code conversion
4.4 Quality code conversion

FAST/TOOLS uses a 32 bit word to represent an item quality code. The
OPC foundation has defined a 16 bits data type to store quality code
information. Therefore a conversion between FAST/TOOLS quality
code representation and OPC quality code representation, must be
defined.
This section describes the conversion between the OPC quality code
word and the FAST/TOOLS quality code word and vice versa.
4.4.5 OPC quality to FAST/TOOLS quality
Conversion from an OPC quality word to a FAST/TOOLS quality word

is done as follows:
• If the OPC quality word is provided by the OPC AE client, the 16
bits OPC quality code information is directly copied into the upper
16 bits of the 32 bits FAST/TOOLS quality code word.
• If the OPC quality word is provided by the OPC DA client, the 16
bits OPC quality code information is directly copied into the lower
16 bits of the 32 bits FAST/TOOLS quality code word..
OPC AE OPC DA
0xXXXX 0xyyyy OPC quality words
F/T quality word
16 bits 16 bits
Figure 4-9 Conversion from OPC quality- to FAST/TOOLS quality

word
4.4.6 FAST/TOOLS quality- to OPC quality
In situations where the FAST/TOOLS item value/quality code attributes

Quality code conversion Introduction to FAST/TOOLS OPC interface
are written into an OPC DA tag, the 32 bit FAST/TOOLS quality word
is converted to a 16 bit OPC quality word as follows:
• According to the OPC specification, the upper 8 bits of the OPC
quality word, can be freely used by applications. Therefore, the
lower 8 bits of the FAST/TOOLS quality word are stored in the
upper 8 bits of the OPC quality word.
• The lower 8 bits of the OPC quality word, contains the result of the
“merged” FAST/TOOLS item status- and item option bits
attributes:
Merged item-status and

Lower 8 bits of quality word
item-option attributes
ITM_ST_OFFLINE or OPC_QUALITY_LAST_KNOWN
ITM_ST_UPD_OFF
ITM_ST_BLOCKED or OPC_QUALITY_LOCAL_OVERRIDE
ITM_ST_UPD_BLK
ITM_ST_NOT_INIT OPC_QUALITY_NOT_CONNECTED
<other outcome> OPC_QUALITY_GOOD
8 bits
F/T quality word
item-status
Merge
item-option bits
OPC quality word
8 bits 8 bits
Figure 4-10 Conversion from FAST/TOOLS quality- to OPC quality

word

Introduction to FAST/TOOLS OPC interface OPC data type mapping
4.5 OPC data type mapping

OPC DA defines a number of data types of different sizes and ranges.
When the OPC DA client is used to access a server, these data types
must be mapped onto the FAST/TOOLS types. The user can use to use
strict or loose mapping. When loose mapping is used, the OPC data type
is mapped as best as possible to the type defined for the FAST/TOOLS
item. When strict mapping is used then only OPC tags that correspond
with the FAST/TOOLS items data type can be mapped. If a type is
encountered that is not supported then this is shown as “Not supported”
in the HMI.
The following table shows the mapping between OPC data types and
FAST/TOOLS data types.
Table 1: OPC DA data type mappings
OPC DA data type FAST/TOOLS data type
VT_UI1 REP_LONG
VT_UI2 REP_LONG
VT_UI4 REP_DOUBLE
VT_UINT REP_DOUBLE
VT_INT REP_LONG
VT_I1 REP_LONG
VT_I2 REP_LONG
VT_I4 REP_LONG
VT_R4 REP_DOUBLE
VT_R8 REP_DOUBLE
VT_BSTR REP_STRING
VT_BOOL REP_BOOLEAM

General FAST/TOOLS OPC DA client
5 FAST/TOOLS OPC DA client
5.1 General
This chapter contains detailed information on how to configure the
FAST/TOOLS OPC Data Access Client on your system. It gives
information on the process parameters that can be configured from the
setup-file and explains the program context.
Some basic knowledge about the concepts behind OPC is presumed. If
you are new to OPC please first read chapter 4 for an introduction.
5.2 Interaction with other parts of

FAST/TOOLS
The OPC client acts as a COM client to one or more OPC servers. The
context diagram of the FAST/TOOLS OPC client is depicted in Figure
5-1. It shows the functional interaction of the OPC client with its
environment.
Setup file
(D)COM OPC DA
FAST/TOOLS Server(s)
OPC DA
SAV file Client
BUS/FAST
DSS ITEM/
FAST
HMI
Figure 5-1

FAST/TOOLS OPC DA client Interaction with other parts of FAST/TOOLS
5.2.1 BUS/FAST
BUS/FAST is the FAST/TOOLS message interface to the OPC client.

Via this interface, other FAST/TOOLS processes are able to
communicate with the OPC client.
5.2.2 (D)COM
This is the underlaying technology that OPC clients and servers use to
communicate with each other. It is a standard part of the Microsoft
Windows operating system. DCOM enables you to start a process on a
remote computer across a network. To avoid security risks DCOM will
only start a process if the requester (client) has been given the right to do
so. The configuration of DCOM privileges is part of the OPC Server
configuration and is explained in chapter 6 of this manual.
5.2.3 ITEM/FAST
ITEM/FAST is responsible for managing item values and status. If

requested to do so, it will notify other processes of changes in the value
or status of an item.
The OPC client maps OPC server tags on FAST/TOOLS items. If an
OPC server notifies the OPC client that the value of a tag has changed
the OPC client will tell ITEM/FAST to change the value of the
corresponding FAST/TOOLS item.
If on the other hand a FAST/TOOLS item that was mapped on an OPC
tag changes its value ITEM/FAST will notify the OPC client. The client
will then write a new value onto the OPC tag.
5.2.4 User interface (HMI)
The FAST/TOOLS HMI is used to create and modify OPC stations,

groups and map FAST/TOOLS items on OPC tags. How to use the HMI
is explained in USER/FAST user manual.
5.2.5 OPC client setup-file
The OPC client setup file is used to initialise the process during start-up.

Interaction with other parts of FAST/TOOLS FAST/TOOLS OPC DA client
For a detailed description of the use of setup see section 5.4.4 of this
manual.
5.2.6 Data set services (DSS)
The FAST/TOOLS Data Set Services (DSS) offer an interface to

FAST/TOOLS data. DSS presents information contained in
FAST/TOOLS databases to the outside world via data set tables.
When a FAST/TOOLS OPC client process is started it will open a
connection to DSS and use several data sets to initialise its data
structures.
5.2.7 Save file
To increase the start-up speed of the OPC client a so-called ‘save-file’ is

used. The OPC client uses the DSS datasets to get its stations, groups
and items. Since this data set also contains a lot of items that are not used
by OPC and since this data set is read sequentially, the client has to read
a lot of records to determine which of them are used in a specific OPC
client. Therefore we use the ‘save-file’ concept also known from
ITEM/FAST and EQUIPMENT/FAST.
If the OPC client detects a save file on the ‘sav’ directory (/tls/sav) it will
use this file instead of the DSS datasets to quickly find the DSS records
it needs.
If no ‘save-file’ is present for the OPC client it will read sequentially
through the DSS data sets and create a new ‘save-file’.
The ‘save-file’ is actually an ISAM file. The name of the ISAM file
equals the DUR name of the OPC client.
If for some reason the ‘save-file’ has become inconsistent with the actual
data in the DSS datasets it should be deleted. The ‘save-file’ can only be
deleted when the OPC client is not running. The OPC client will create
a new ‘save-file’ the next time it is started.

FAST/TOOLS OPC DA client Runtime behaviour
5.3 Runtime behaviour
5.3.1 Heartbeat mechanism
The FAST/TOOLS OPC Data Access Client uses a so-called heartbeat

mechanism for all actions it must perform periodically. These actions
are:
• Check for messages in the DUR message queue
• Write value updates in event queue to OPC server
• Check the connection to the OPC server(s)
• Try to re-connect after connection to server was lost
Checking for messages in the DUR queue is done at every heartbeat

interval. For all other actions it is possible to set a multiple of the
heartbeat interval. This value will be rounded to the closest multiple of
the heartbeat interval.
Example: OPXDAC_HBEAT = 100mS, if OPXDAC_SRV_ALIVE is
set to 275mS the actual server alive check interval will be 300mS.
5.3.2 Check the connection to the OPC server(s)
The FAST/TOOLS OPC Data Access Client periodically checks if it can

still communicate with the OPC server. This interval is set by the
OPXDAC_SRV_ALIVE keyword in the set-up file. If it can’t reach the
OPC server, the client will change the status of all FAST/TOOLS items
mapped on OPC tags from that server to OFFLINE. If the related OPC
station has a status item defined, its value will be set to a value that
reflects the connection status.
The client uses the GetStatus method of the IOPCServer interface to
check the connection to the server. This method will return one of the
following values that will be written on the OPC stations status item.
OPC server status Status item value
OPC_STATUS_RUNNING 1
OPC_STATUS_FAILED 2
OPC_STATUS_NOCONFIG 3
OPC_STATUS_SUSPENDED 4
OPC_STATUS_TEST 5

Runtime behaviour FAST/TOOLS OPC DA client
If the GetStatus call fails the status item gets the value 2
(OPC_STATUS_FAILED)
5.3.3 Event queue mechanism
Changes in FAST/TOOLS items are not immediately sent out to OPC

server(s). Instead FAST/TOOLS item changes are clustered as much as
possible for the OPC servers. The queues used for this clustering
mechanism are sent as soon as they become full or when a specific
amount of time has elapsed. This "flush queue" action is performed in a
frequency that is set by the OPXDAC_FLUSH_GRPQUE keyword in
the setup file.
Change in OPC tag values are queued by the OPC server before they are
sent to the OPC client. The maximum time these events spend in the
OPC server’s queue is set when creating an OPC group. By entering a
‘requested update rate’ you request the server to use a certain update
frequency. The server will return a ‘revised update rate’, which may be
less then you requested, but its the best the server can do. How this is
done is explained in the USER/FAST manual.
5.3.4 Reconnection mechanism
When no initial contact with an OPC server can be obtained or when the
connection with an OPC server becomes lost, the FAST/TOOLS OPC
Data Access client regularly performs an attempt to re-establish the
broken connection. The interval between two successive “reconnect
attempts” is the same as the interval value for the “connection alive”
check.
Connection between OPC clients and servers are based on DCOM
technology. If a client wants to establish a connect to a server it asks
DCOM to create a connection. If DCOM doesn’t succeed in creating a
connection it does a number of re-tries. This may take several minutes,
in which the FAST/TOOLS OPC client is inactive.
5.3.5 OPC group status
In the FAST/TOOLS HMI it is possible to define a status item to an OPC

DA group. The status attribute of the item, is used to reflect the
active/not-active status of the OPC group. When the OPC DA group has

FAST/TOOLS OPC DA client OPC DA client configuration
an active status, the value of the related status item is set to 1 and the
status attribute of the related item will be "normal".
When the OPC DA group has an inactive status (group deactivated), the
value of the related status item will be 0 the status attribute of the related
item, will be "off-scan".
When an OPC DA group is deactivated, all FAST/TOOLS items related
to that group, are given the status off-line. When the OPC DA group is
activated, the off-line bit is reset, i.e. all items related to that group will
get their original item status.
5.4 OPC DA client configuration
5.4.1 Introduction
This section describes how to configure the run-time behaviour of the

FAST/TOOLS OPC DA client.
5.4.2 OPC client process name
The process name is the name by which a running OPC client is known
to all other FAST/TOOLS processes. Whenever a FAST/TOOLS
process needs to communicate with an OPC client it will use the client’s
process name to address it. The process name is also used during start-up
of the client to look for a setup-file and a save-file with the same name.
Each instance of an OPC client will have a unique name. The name of
the OPC client process is defined during the OPC DA line definition.
5.4.3 Starting and stopping the OPC client
When a new OPC DA line is defined then the corresponding OPC DA

client for that line will be started automatically. Stopping and starting
FAST/TOOLS will automatically stop and start any defined OPC DA
clients. Deleting an OPC line will also stop the client.
Should you wish to stop and start the clients manually then you should
locate the start and stop commands in the access_start.cmd and
access_stop.cmd files respectively.

OPC DA client configuration FAST/TOOLS OPC DA client
In access_start.cmd the command will look like this:

start /b /NORMAL %TLS_ROOT_PATH%\tls\exe\opxdac.exe -n <client>
where <client> is the name of the process created during the line
definition.
All OPC client process will be stopped by the access_stop.cmd script.
You can stop a specific OPC client process with the following
command:
%TLS_ROOT_PATH%\tls\exe\durstp -msk -t10 -p <client>
where <client> is the name of the process created during the line
definition. This will sent a BUS/FAST ‘stop’ message to the OPC client
process.
5.4.4 Setup-file parameters
Whenever an OPC client process is started it will look for a setup-file to

initialise some of its parameters from. First it will try to initialise from a
process specific file name. A client process called my_client, for
example, will first check if there is a setup-file called ‘my_client.sup’ in
the default setup-file directory (/tls/sup). If it can not find such a file, it
will look for a setup-file called ‘opxsys.sup’. If this file can’t be found
the OPC client process will use its own default values.
The rest of this section describes the individual setup file parameters of
the FAST/TOOLS Data Access Client in alphabetical order.
Keyword: OPXDAC_DUR_QSZ
• Description:
Defines the DUR queue size of the server and thus the amount of
DUR messages that can be queued at once for this process. The
queue size is expressed in Kilobytes.
• Syntax:
OPXDAC_DUR_QSZ = <queue size in Kbytes>
• Example:
OPXDAC_DUR_QSZ = 50
Keyword: OPXDAC_FLUSH_GRPQUE

FAST/TOOLS OPC DA client OPC DA client configuration
• Description:
The OPC client maintains it own queuing mechanism for item value
update events coming from ITEM/FAST. Events are queued and
periodically written to the OPC server as one cluster of events. This
keyword determines the maximum period of time an event can be
waiting in the queue
• Syntax:
OPXDAC_FLUSH_GRPQUE = <max. buffer time in msec.>
• Example:
OPXDAC_FLUSH_GRPQUE = 500
Keyword: OPXDAC_HBEAT
• Description:
Defines the heart beat of the OPC client. Due to the design of the
client, the server does not wait until a DUR message arrives in its
DUR message queue. Instead it polls this queue at regular intervals
for the arrival of new messages. The heart beat value determines
how often this polling takes place.
• Syntax:
OPXDAC_HBEAT = <heart beat in msec.>
• Example:
OPXDAC_HBEAT = 100
Keyword: OPXDAC_ITMBUF
• Description:
Defines the ITEM/FAST event-buffering interval. ITEM/FAST
will buffer events for the Data Access Client for this period of time.
If the event buffer is full before the end of event-buffering interval
it will be written to the client.
• Syntax:
OPXDAC_ITMBUF = <max. buffer time in msec.>
• Example:
OPXDAC_ITMBUF = 1000
Keyword: OPXDAC_SAFE_CON
• Description:
When this keyword is set, permission is granted to connect the

OPC DA client configuration FAST/TOOLS OPC DA client
FAST/TOOLS OPC DA client to a FAST/TOOLS OPC DA server.

To prevent deadlock problems, a FAST/TOOLS OPC DA client
can not be connected to a FAST/TOOLS OPC DA server
unconditionally. A connection is permitted only in situations where
the FAST/TOOLS OPC client node and the FAST/TOOLS OPC
server node are independent FAST/TOOLS systems.
Deadlock situations will arise in situations where:
1 The FAST/TOOLS OPC client and server reside on the same
node, or
2 The FAST/TOOLS OPC client node and FAST/TOOLS
OPC server node are interconnected via a DURM
connection.
• Syntax:
OPXDAC_SAFE_CON [= yes]
• Example:
OPXDAC_SAFE_CON
Keyword: OPXDAC_SRV_ALIVE
• Description:
Defines the OPC server alive check interval. The OPC client
process periodically checks all its connections the OPC server(s).
Syntax:
OPXDAC_SRV_ALIVE = <interval time in msec.>
• Example:
OPXDAC_SRV_ALIVE = 1000
Keyword: OPXDAC_PING
• Description:
This is an additional check to test the network connection between
OPC client and server. The OPC server alive check time-out uses
the DCOM time out which can be several minutes. If the ping
option is enabled the OPC client will sent a ICMP request to the
server to check the network connection before requesting the OPC
server status. This will result in a much shorter time out of seconds
rather then minutes.
• Syntax:
OPXDAC_PING = Yes /No
• Example:
OPXDAC_PING = YES

FAST/TOOLS OPC DA client Tricks and Tips
Keyword: OPXDAC_PING_TIMEOUT
• Description:
Ping time out in seconds. If the server station doesn't respond within
the specified number of seconds the will consider the station
off-line.
• Syntax:
OPXDAC_PING_TIMEOUT = <time-out in seconds>
• Example:
OPXDAC_PING_TIMEOUT = 3
Keyword: OPXDAC_BROWSE_CACHE
• Description:
If OPC server namespace is browsed the tag names are temporary
stored in the client to avoid unnecessary load caused be repeated
browse requests. This keyword sets the number of milliseconds
after which the cache will be cleared.
• Syntax:
OPXDAC_BROWSE_CACHE = <time-out in msec.>
• Example:
OPXDAC_BROWSE_CACHE = 60000
5.5 Tricks and Tips

This section gives some useful information when setting up your OPC
client.
5.5.1 Use one server per client
As explained in section 5.3.4 re-connecting after a lost connection can

take quite a while because of the long time out in DCOM. Although it is
possible to connect more than one OPC server to a client, it is
recommended not to do so because the loss of connection with one
server will stall all communication with other servers during the time out
period.

Windows Firewall and Security settings FAST/TOOLS OPC DA client
5.5.2 Use quick-loads to configure OPC clients
All data needed to configure an OPC client can be quick loaded into DSS
using the dssqld tool. This is often much quicker than entering OPC
clients from the HMI. Because the dssqld utility can dump DSS data sets
into quick load files it is quite easy to generate ‘template’ quick load
files by creating an OPC station in the HMI with a single OPC item. You
can create the template quick-load files by dumping the required data
sets.
dssqld -d line_df -e line_df.qli

dssqld -d station_df -e station_df.qli
dssqld -d opc_group_df -e opc_group.qli
dssqld -d item_df -e item_df.qli
dssqld -d point_df -e point_df.qli
These files can now be used as a basis for you quick load files. For more
details about the use of the quick load utility see the DATABASE/FAST
DSS System Integrator’s Manual.
5.6 Windows Firewall and Security settings

Microsoft operating systems have a number of built-in network security
features including a firewall and security policy settings. In order for
OPC communications to work properly when the firewall land local
security policy need to be set up correctly. This information can be
found in chapter 6.
5.7 OPC DA Client DCOM tunnelling

The OPC-DA Client DCOM-tunnelling option was developed to avoid
some of the DCOM configuration problems.
5.7.1 Introduction
Configuring DCOM across two windows domains can be is quite a

FAST/TOOLS OPC DA client OPC DA Client DCOM tunnelling
headache for system integrators. To avoid these problems the

FAST/TOOLS OPC-DA Client can be configured to run in the same
domain as the OPC-DA Server or even simpler on the same computer as
the server.
In that case FAST/TOOLS will use is own BUS/FAST message protocol
instead of DCOM. Figure 5-1 shows a typical configuration where the
FAST/TOOLS OPC-DA Client is in a different domain from the
OPC-DA server.
DOMAIN A DOMAIN B
FAST/TOOLS
Host node
ITEM/FAST
OPC-DA DCOM OPC-DA

Client Server
Figure 5-1 OPC-DA connection using DCOM
DCOM is used to connect OPC Client and Server. The client receives
data updates from the server through the DCOM connection and
modifies the FAST/TOOLS item values on the local FAST/TOOLS
system.
Figure 5.2 shows a configuration where the FAST/TOOLS OPC-DA
Client is used with DCOM tunnelling enabled. OPC-DA Client and
Server are in the same windows domain and BUS/FAST has replaced
DCOM for the to communication across the windows domains.

OPC DA Client DCOM tunnelling FAST/TOOLS OPC DA client
DOMAIN A DOMAIN B
FAST/TOOLS
Host node
OPC-DA
Server
(D)COM
ITEM/FAST BUS/FAST OPC-DA

Client
Figure 5-2 OPC-DA connection BUS/FAST
In this configuration the OPC-DA Client will update the items on the
FAST/TOOLS host node through the BUS/FAST (DURM) connection.
5.7.2 Installing FAST/TOOLS DCOM tunneller
The FAST/TOOLS DCOM tunneller is a licensed product. After

installing FAST/TOOLS and applying the correct license, the OPC
tunneller functionality will be available.
5.7.3 Setting up a DCOM tunnelling configuration
To setup a DCOM tunnelling configuration you need to install

FAST/TOOLS on a system in the OPC-DA Server domain and you
require a BUS/FAST, a DATABASE/FAST and a OPC-DA Client
license (OPC DCOM tunneler license.
Apart from the fact that only a small sub-set of the FAST/TOOLS
package is installed on the OPC-DA client node is just another
FAST/TOOLS node. Setting up the BUS/FAST connection between the
host and the OPC-DA Client node is done in the same way as with any
other node. The most essential part is to enter the number of the
FAST/TOOLS host node in the dur.sup file on the tunneller node.

To configure the OPC-DA Client as DCOM tunnelling client the “Use

DCOM-tunnelling to host” option in the OPC-DA Client setup file
should be set. This setup file is called epadac_eqp.sup.
If this option is active the OPC-DA client will assume all items are
located on the FAST/TOOLS host node.
5.7.4 Monitoring item status with INTMOM
The OPC-DA Client in a DCOM-tunnelling configuration runs on a

remote node and updates its items on the FAST/TOOLS host node. This
means that if the connection between FAST/TOOLS host and the
OPC-DA Client node is lost the OPC-DA Client has no possibility to set
the items “OFFLINE”. For this the FAST/TOOLS INTMON process is
be used.
The INTMON process can be used to monitor the DURM connection
between FAST/TOOLS nodes. This process is not started by default. To
start this process you have to add it to the integration_start.cmd file. To
do that just un-comment the line:
start /b /normal %TLS_ROOT_PATH%\tls\exe\intmon.exe -n intmon
This will unsure intmon is started the next time you start FAST/TOOLS.
The node of the remote OPC-DA Client must be added to the setup file
of the INTMON process. This setup file is called intmon.sup and can be
changed in FAST/TOOLS setup file editor. The dialog below shows
intmon.sup in the setup file editor.

OPC DA Client DCOM tunnelling FAST/TOOLS OPC DA client
In the setup dialog select the Node communication tab. For node number
enter the node of the OPC-DA Client. Optionally you can add an item
that will reflect the status of the BUS/FAST connection with the
OPC-DA Client. Then click the Add button and the remote node is
added to the list of node connections that will monitored by INTMON.
Next set the Set slave items offline when node unavailable checkbox.
INTMON will now set the OPC-DA Client items on the host
“OFFLINE” when the connection to the Client is lost.


Introduction FAST/TOOLS OPC DA server
6 FAST/TOOLS OPC DA server
6.1 Introduction
This chapter describes in more detail the system integration aspects of
the FAST/TOOLS OPC Data Access server (DA server).
The DA server supports the OPC Data Access 1.0A and Data Access 2.0
interfaces. Furthermore, the DA server fully supports both the custom as
well the automation interface of the OPC standard.
OPC clients written in compiled languages (like C/C++) will use the
custom interface to interact with the DA server.
Via the automation interface, applications (OPC clients) written in
interpretive and/or macro languages (e.g. Visual Basic, Microsoft Word
and Microsoft Excel) can get access to the object model of the OPC Data
Access interface.
All mandatory and, with one exception, all optional interfaces of the
standard are supported. The optional interface that is not implemented in
the FAST/TOOLS DA server is “IPersistFile”. This interface has been
defined by the OPC foundation to offer OPC clients the possibility to
“load” or “save” a server configuration. Currently there is no need for
such a “hook” in the FAST/TOOLS DA server. For this reason, the
optional IPersistFile interface has not been implemented in the server.

FAST/TOOLS
The FAST/TOOLS DA server does not act on its own.
OPC clients interact with the server via (D)COM. These OPC clients can
reside on the same node as the server but can also reside on another node
connected to the same network. Furthermore, the server interacts with
other parts of the FAST/TOOLS, to get the desired information or write
information into the FAST/TOOLS system.
This section globally describes the server’s interaction with other parts
of the FAST/TOOLS.
The interfaces with the other parts of the FAST/TOOLS have been

FAST/TOOLS OPC DA server Interaction with other parts of FAST/TOOLS
depicted in Figure 6-1.
FAST/TOOLS
ITM
(D)COM FAST/TOOLS
OPC DA
OPC DA
Clients
server
DSS
Figure 6-1
What is shown in this figure is that the FAST/TOOLS OPC DA server

communicates with:
• The Data Set Services (DSS).
DSS is part of the tool DATABASE/FAST and is used by the DA
server to:
- Serve “name-space” browsing requests from OPC clients.
- Write item values into the “item_val” data set in case a properly
authorised user-name is associated with the DA server (see 6.7).
The interface with DSS is a routine interface. DSS itself however

communicates internally via DUR messages with other
FAST/TOOLS components. These components may reside on the
same node or on a remote node, depending on the configuration and
the contents of the DSS-files. For more information please refer to
[1] and [6].
• ITEM/FAST (ITM).
The DA server uses ITEM/FAST functionality to:
- Get a notification (event) when one or more of the value,
quality-code or option-bit attributes of an item changes.
This information arrives in the DA server via a DUR message.
The DA server uses the ITEM/FAST event buffering
mechanism to cluster events whenever possible.
- Read the current value of an item upon explicit request from the
OPC client.
When the value information can be obtained locally, the DA
server uses the ITEM/FAST routine interface to obtain the
information. Otherwise the DUR message interface of

Some notes on the implementation of the server FAST/TOOLS OPC DA server
ITEM/FAST is used.
- Write a new value into an item upon explicit request from an
OPC client.
As with the read operation, either the ITEM/FAST routine
interface or the DUR message interface is used.
6.3 Some notes on the implementation of the

server
6.3.1 Introduction
This section contains some information that might be important to

understand the behaviour of the FAST/TOOLS OPC DA server.
Knowledge of this type of information might be helpful when
developing/using OPC clients in conjunction with the FAST/TOOLS
OPC DA server.
6.3.2 Server’s threads
In the FAST/TOOLS OPC DA server a number of threads execute the

DA server code. The most important of these threads are:
• The “FAST/TOOLS message interface thread”:
This thread is responsible for reading the DUR message queue of
the server and handling the DUR messages residing in this queue.
Among others, the ITEM/FAST event messages, signalling item
attribute updates, are handled by this thread.
• The “client update threads”:
For each connected OPC client a “client update thread” is created
in order to handle the OPC client update. The information sent to
the OPC client is fetched from the server’s data cache (see below).
The rate in which this client update is executed, depends on the
update rate specified by the OPC client for each of the OPC groups
it created.
• The “refresh thread”:
This is a thread which becomes active every 200 milliseconds. Its
main task is to “wake-up” the “client update threads” to let them
determine whether or not it is time to perform a client update action.
• The “asynchronous read/write handling threads”:

FAST/TOOLS OPC DA server Some notes on the implementation of the server
This type of thread is activated for each asynchronous read/write

request issued by an OPC client. Since an OPC client may perform
another asynchronous read/write call before another asynchronous
call completed (causing an additional thread to be activated), care
must be taken not to have too many “outstanding” asynchronous
requests. This may exhaust system resources.
6.3.3 Server’s data cache
The FAST/TOOLS OPC DA server internally maintains a data cache for

all items currently handled by the OPC server. Among others, the
information in this data cache reflects the current value and quality
information for the items. The data cache is kept up to date by the server
by using the information present in the events sent by ITEM/FAST.
OPC clients have the possibility to choose between a so called “device

read” or “cache read” action.
The “device read” action translates to a synchronous ITEM/FAST read
action. This type of access is relative slow, certainly when the read must
be performed on a remote FAST/TOOLS node. Furthermore the “device
read” action blocks other read and write actions until the “device read”
has finished.
The “cache read” action uses the server’s data cache as data source. This
type of read action is fast and in the case of FAST/TOOLS also accurate,
since the cache contains the actual item information.
There is only 1 situation where a “device read” action might be preferred

in favour of the “cache read” action. This is the situation where the DUR
message queue of the OPC server has overflowed and the server may
have lost ITEM/FAST events. In that situation it might be desirable for
the OPC client to perform a “device read” or even “refresh” one or more
OPC groups. Such a “device read” or “refresh” also updates the data
cache.
All OPC client “write” actions (writing a new item value to the OPC
server), are done to the “device”, i.e. the FAST/TOOLS item table.
6.3.4 Timestamp information
The timestamp information provided by the FAST/TOOLS OPC DA

server as part of other dynamic item information (value and quality

Starting the server FAST/TOOLS OPC DA server
code), represents the time that the information was written, by the OPC
server, into the server’s data cache.
When an OPC client performs a “cache” read action, the timestamp
information in the data cache will not change. However when an OPC
client performs a “device” read action (i.e. the server reads the
information from the FAST/TOOLS item table), the timestamp
information in the data cache does change. This however does not result
in a “data change” event for possibly other connected OPC clients. “Data
change” events are only generated when a new (i.e. different) value or
quality code is written in the data cache.
6.3.5 ProgID
The FAST/TOOLS OPC DA server, registers in the Windows registry

with the following Programmatic Identifier (ProgID):
Yokogawa.FastToolsOpcDas.<version>.
.This ProgID information is useful when your OPC client has to connect
to the server, when you develop your own OPC client application or
when you want to track down the cause of possible problems.
6.4 Starting the server

Since the FAST/TOOLS OPC DA server is a COM server, its name and
the location of the executable among others, is registered in the
Windows registry. As soon as an OPC client wants to connect to the
server and the server appears not to be active, the COM run time will
start the server automatically.
For each FAST/TOOLS node, only one FAST/TOOLS DA server will

become active. This server connects to the DUR common with the name
OPXDAS.
6.5 Stopping the server

“Normally” the FAST/TOOLS Data Access server is stopped as part of
a “FAST/TOOLS stop” action (fast_stop script). Among others, this

FAST/TOOLS OPC DA server Name space browsing
stop action uses the “access_stop” script to stop the tool

ACCESS/FAST.
It is possible to specifically stop the FAST/TOOLS Data Access server
by sending it the standard BUS/FAST “stop” message. In order to send
the standard BUS/FAST “stop” message, use the following command in
a “command tool” to stop the Data Access server:
durstp -p opxdas.
When stopping the FAST/TOOLS DA server in this way, the server will
send a so called “shut-down” request to all of the OPC clients currently
connected to the server. This enables connected OPC clients to
gracefully shut down when the server terminates. Upon receipt of the
“shut-down” request, an OPC client should release all resources that it
has claimed in order to communicate with the OPC server.
Whether or not clients respond to this “shut-down” request, the server
will shut-down anyway.
6.6 Name space browsing

The FAST/TOOLS OPC DA server supports the (optional) OPC
name-space browsing interface. Via this interface, OPC clients can ask
the server to exhibit its name space, i.e. in the case of FAST/TOOLS, the
collection of installations, units, items, sub-items and their
inter-relationships. This browse interface enables the OPC client to
directly select the required (sub)items from the name-space information
returned. If the FAST/TOOLS OPC DA server would not support
name-space browsing functionality, OPC clients would have to
determine which items reside in a FAST/TOOLS system in another way.
Natively, the FAST/TOOLS name-space is a hierarchical one. At the top

of the name space are installations, beneath these installations are units
etc. OPC clients can navigate through this hierarchy and in this way
“drill down” until the desired (sub)item(s) have been found.
OPC clients however, can ask the FAST/TOOLS OPC Data Access
server, to exhibit the FAST/TOOLS hierarchical name space, as a flat
name space. In that case, the server pretends the address space is actually
flat, i.e. it concatenates “installation”, “unit” and “(sub)tag” components
into one string. By asking the OPC server to exhibit a flat name-space,
the OPC client has no possibility to navigate around. All information is
show in a flat “landscape”.
No matter whether the name-space is exhibited as a hierarchical- or a flat

Name space browsing FAST/TOOLS OPC DA server
one, in both situations the OPC client can use filters to limit the
information returned. The OPC client can use the following filter
components:
• Filtering on data-type
• Filtering on access-rights (read or write access)
• Filtering with the help of a specific filter pattern.
This filter pattern follows the Visual Basic LIKE operator syntax,
i.e.:
Character in pattern Matches
? Any single character

* Zero or more characters
# Any single digit (0 - 9)
[character list] Any single character in ‘character list’
[!character list] Any single character not in ‘character list’
If a specific filter component is specified, it is logically AND’ed with

possible other specified filter components.
In addition to these filtering mechanisms to be activated at the OPC

client side, the system manager has the possibility to limit the amount of
FAST/TOOLS name-space, exhibited by the FAST/TOOLS OPC DA
server. For each entity in the FAST/TOOLS name-space levels
(installation, unit, item and sub item), the system manager has the
possibility to indicate whether or not the “entity” will be visible in the
OPC name space. For more information regarding the configuration of
this mechanism, please refer to the FAST/TOOLS User Manuals (the
on-line HMI-help files).
In a name-space with thousands of items, one can imagine that a lot of

system resources are consumed when OPC clients want to show all
items in the entire name-space. For this reason the following
recommendations are done for environments with “large” name spaces:
• Where possible use filters to limit the amount of information
returned.
• Where possible browse the name-space in a hierarchical way. This
offers the possibility to do “incremental browsing” i.e. to
selectively fetch only the (sub)tags of 1 or more specific
installations/units, instead of the (sub)tags of all installations/units.
• Consider the use of hiding entire installations and/or units for OPC

FAST/TOOLS OPC DA server Authorisation issues
clients.
6.7 Authorisation issues

In the setup file of the FAST/TOOLS OPC DA server, it is possible to
specify a user-name for the server. The specified name, is used by the
server to log in to the FAST/TOOLS system and provides a vehicle to
force authorisation aspects. Via the user-profile related to the specified
user, the DA server is able to limit write access to items not matching the
user’s profile.
Notes:
• When no user-name is specified for the DA server, the server has
unconditionally access to FAST/TOOLS items. This mode offers
the highest performance, since the DA server communicates
directly to ITEM/FAST.
• When a user-name is specified for the DA server, the user should
be authorised to read the FAST/TOOLS installation, unit, item and
sub-item data sets. Otherwise the name-space browse action will
not work.
Furthermore to be able to read and/or write item value information,
the user associated with the Data Access server, should be
authorised to modify the status and value (both “normal” item value
as well as “string value” attributes of (sub)items)
• Whenever authorisation attributes or user-name for the Data
Access server are changed, the Data Access server, should be
restarted to use the new settings.
• When a user-name is specified for the DA server and the
FAST/TOOLS log-in action fails, it may take quite a long time for
the client to “discover” that the server has failed. This time out
value is dependent on the time out value provided by the transport
layer. According to Microsoft there is no formal way of configuring
this time out value.
• Hiding part of the FAST/TOOLS name space (as described in the
previous section), can also be considered as form of authorisation
management.

OPC Server browsing FAST/TOOLS OPC DA server
6.8 OPC Server browsing

When an OPC client wants to browse for available OPC servers on its
own machine, it can use a well-known interface on the Microsoft’s
“Components Category Manager” (CCM), to get a list of e.g. all OPC
Data Access version 2.0 servers on the local machine.
This CCM is a COM component (implemented in a DLL) that
implements the interface to enable clients to request information from
the Windows registry related to a certain component category. In this
case clients can request for information related to the “OPC Data Access
Servers version 2.0” category. OPC servers register under this
component category thus enabling OPC clients to obtain a list of
available OPC servers.
However this method of browsing for available OPC servers, does not
work for remote OPC clients. This is because the CCM is implemented
in a DLL (an “in-process” COM server). Thus remote OPC clients can
not easily obtain a list of available OPC servers on another machine.
For this reason, the OPC foundation released the “opcenum facility”
(also called the OPC Server Browser). This program must be installed
once on any machine that hosts OPC servers. Via a well known COM
interface offered by this server, OPC clients can browse a list of
available OPC servers on any machine.
Notes:
• The “opcenum” facility can also be used by local OPC clients.
• The enumeration facility only works appropriately in combination
with OPC clients which support this server browser capability.
• With the installation of FAST/TOOLS on a certain machine, the
opcenum facility is also automatically registered and installed as a
service on that machine. Remember that you have to configure the
“start-up” type of the service. It is recommended to configure the
“start-up” type of the opcenum service as “automatic”.
6.9 Configuration
6.9.1 Introduction
This section describes the configuration issues related to the use of the

FAST/TOOLS OPC DA server Configuration
FAST/TOOLS OPC DA server. Configuration is possible, in two

separate area’s:
• (D)COM configuration:
As described before, OPC is based on Microsoft’s (D)COM
technology. Some properties of DCOM need configuration before
you are able to use the FAST/TOOLS OPC DA server. This is
especially true if you want to access the FAST/TOOLS OPC DA
server over a network.
The (D)COM configuration aspects, are described in 6.9.2
• Server configuration:
Via the setup file of the OPX brick (opxsys.sup), some behavioural
aspects of the FAST/TOOLS OPC Data Access server can be tuned
to ones individual needs.
The “server configuration” aspects, are described in 6.9.5.
6.9.2 DCOM configuration and security policy
This section describes the way the (D)COM properties can be

configured.
Note: Since it might be necessary to change a
couple of DCOM configuration settings, we
recommend to make a note of the “old”
DCOM configuration settings before you start
to change them.
To configure DCOM, the DCOM configuration utility is used. An

administrator must start this utility on the system on which the
FAST/TOOLS OPC DA server is installed.
Before you start to use this utility, make sure the FAST/TOOLS OPC
server is not running.
It is also advised to create a dedicated user account on both the OPC
server and client machines, using an identical user name and password
for both machines. This account will be referred to as the OPC account
in the following description.
To start the configuration utility, use the “Run” command on the “Start”
menu and type: dcomcnfg.

Configuration FAST/TOOLS OPC DA server
The window shows a a tree of computers. Right click on the local

machine to bring up the default connection properties. Make sure that
DCOM is enabled on this computer and the default authentication is set
to “Connect” and impersonation level is “Identify” as in the following
figure:

Next select the COM security tab. Here you will find two sections;
Access permissions and Launch and Activation permissions. In both
sections you will find an “Edit default” button. Press this button to bring
up the permissions dialog.
Press “Add” to bring up the list of users and groups, locate the DCOM
OPC user account under which the application should run and add it to
the permitted DCOM users.
Select the user just added from the upper list of users then set the
permissions check boxes to “Allow” for all access types.
Be sure to repeat these steps using the “Edit default” button for the
Activation and Launch permissions too.

Now that the default permissions for the machine have been set, we can
apply these permissions to the OPC server. From the tree, open the local
machine branch and then open the DCOM config branch. A list of
applications will appear. Right click on the FAST/TOOLS OPC DA
server application and click the “Properties” button. The following
window is displayed:
If visible in your version of the dialogue, make sure that the

“Authentication level” information is set to “Default” (as shown in the
window above).

Then click on the “Security” tab and make sure it looks like the window
depicted below:

Then select the “Identity” tab, select “This user” and specify the user
name and password of the OPC user account (as depicted below):
Be sure to press the “Apply” button to apply any configuration changes

you have made. Now close the application.
Note: The DCOM security settings for My

Computer also apply to the client side
machine, to be sure that OPC server can make
contact with the OPC client under the same
user account.

Now that we have set up the DCOM configuration there are some local
security policies that need to be set. Note these settings should be
applied to both the server and client side of the OPC connection.
Launch the Local Security Policy manager from a command prompt
with the command secpol. This will bring up window with a tree view
on the left and a list of policies on the right. Open the “Local policies”
branch in the tree and select the “User Rights Assignment” leaf.
Scroll down in the policy list on the right and locate the “Create
permanent Shared Object” policy. Right click to access the “Properties”
and add the OPC user account as shown in the figure below:

Next select the “Security options” branch and scroll through the policies
to locate the “Network Access: Sharing and security settings for local
accounts” policy. Set this policy to “Classic - local users authenticate as
themselves”, as shown in the figure below:
That’s it! Now it should be possible to access the OPC server from the
OPC client machine using the same OPC user account.
6.9.3 Windows Firewall
If the Windows firewall has been activated (recommended) then you

need to explicitly tell the firewall which applications are granted
network access.
Note: This also applies to the OPC server and

client applications, so the firewall needs to be
configured on both sides of the connection.

To start the Windows firewall configuration enter wf.msc at an elevated

command prompt. The firewall works with rules and these are used to
define exceptions for the DCOM port and for each OPC application.
A predefined rule is available for allowing DCOM traffic. Select
“Inbound Rules” from the tree and locate the “Windows Management
Instrumentation (DCOM-in)” rule from the list. There may be two rules
in case you are using a domain controller, one for domain and one for
private profile. Select the one for the private profile. Double click the
rule to open the rule properties dialog and select the “Enabled” flag in
the dialog as shown in the figure below.
Next we need to define the exceptions for the OPC applications. Rules
must be defined for each application. The example below shows the rule
for the FAST/TOOLS OPC DA server.
Right click the “Inbound Rules” branch in the tree and select “New
rule”. The new rule dialog will appear. Select “Program” from the radio
buttons and click next. Select “This program path” from the radio
buttons and enter the full path to the OPC application as shown in the
figure below:

Click “Next” to bring up the rule action dialog and select “Allow
connection” from the radio buttons as shown below:

Click “Next” to bring up the profile dialog. Make sure the rule is applied
to all profiles; “Domain”, “Private” and “Public” as shown below:

Click “Next” to give the rule a name and description. In this example the
FAST/TOOLS OPC DA server is used but the name and description
should apply to the application you are configuring:
Click “Finish” to add the new rule. The final result should look this with
the rule appearing in the rule list with the specified name:

The procedure described above should be applied to each of the OPC

related applications. The following applications should be configured as
exceptions:
1 FAST/TOOLS OPC DA server
Needs to be allowed on the server side when FAST/TOOLS is OPC
server. This is the located in the TLS_EXE directory where
FAST/TOOLS is installed under the name “opxdas.exe”.
2 FAST/TOOLS OPC DA client
Needs to be allowed on the client side when FAST/TOOLS is OPC
client. This is located in the TLS_EXE directory where
FAST/TOOLS is installed under the name “opxdac.exe”.
3 OPCenum (server side only)
This is located in the “C:Windows\System32” folder under the
name “opcenum.exe”.
4 Microsoft Management Console (both client and server machines)
This is located in the “C:\Windows\System32” folder under the
name “mmc.exe”.
Note: If the client machine is also running a

firewall, then the DCOM port and OPC client
also need to be configured on the client
machine’s firewall.

6.9.4 Client-side settings
Not only do DCOM and the local security policy need to be configured
on the server machine, but the client machine should also have the same
permissions. This is particularly important when using Windows
workgroups, in which the users must be identically defined on both the
client and server machines. The client should be given the same DCOM
permissions as those defined for “My Computer” on the server.
Furthermore if the Windows firewall is active on the client machine then
the OPC client applications and DCOM port need to be allowed access
through the firewall.

6.9.5 Setup file parameters
This section describes the individual setup file parameters of the Data
Access server. Parameters of the FAST/TOOLS OPC DA server, are
described in alphabetical order.Keyword: OPXDAS_DUR_QSZ
• Description:
• Syntax:
OPXDAS_DUR_QSZ = <queue size in Kbytes>
• Example:
OPXDAS_DUR_QSZ = 30
Keyword: OPXDAS_HBEAT
• Description:
Defines the heart beat of the server. Because of the design of the
server, the server does not wait until a DUR message arrives in it’s
DUR message queue. Instead it polls this queue at regular intervals
for the arrival of new messages. The heart beat value determines
how often this polling takes place.
• Syntax:
OPXDAS_HBEAT = <heart beat in msec.>
• Example:
OPXDAS_HBEAT = 200
Keyword: OPXDAS_ITMBUF
• Description:
Defines the ITEM/FAST event-buffering interval. ITEM/FAST
will buffer events for the Data Access server for this period of time
or shorter if the event buffer is filled up.
• Syntax:
OPXDAS_ITMBUF = <max. buffer time in msec.>
• Example:
OPXDAS_ITMBUF = 500

Keyword: OPXDAS_USER
• Description:
Defines the authorization settings under which the FAST/TOOLS
OPC Data Access server operates. If no user name is specified,
there are no restrictions in access to FAST/TOOLS items.
• Syntax:
OPXDAS_USER = <user name>
• Example:
OPXDAS_USER = “opxdas_user”

FAST/TOOLS OPC DA server Trouble shooting
6.10 Trouble shooting

On some occasions you might experience problems in connecting your
OPC client to the FAST/TOOLS OPC DA server. The reason for such
problems may vary from situation to situation, e.g. programming errors
in the OPC client being used, network problems or
configuration/installation problems.
This section contains information that might be helpful to trace the latter
type of problems; the configuration/installation problems.
Among others, these type of problems may arise when installing or
un-installing other OPC servers.
The problems addressed in this section, are mainly related to situations
where the OPC client and OPC server reside on the same machine. If
such a “basic” configuration does not work properly, a distributed
configuration will not work properly either.
In case of problems, we recommend to start with a configuration where

an OPC client and OPC server reside on the same machine. When such
a configuration functions well, you can proceed to a distributed
configuration to further track down the cause of the problem.
When this basic configuration works well and you experience problems
in a distributed configuration, network problems or DCOM security
settings are the cause of the problem in most cases.
In case of network problems, please consult your IT department.
In case of problems with DCOM configuration settings, please refer to
6.9.2
This sections starts with a short explanation of a utility that might be

helpful to discover configuration/installation problems. The remaining
sections address provide solutions to possible configuration/installation
problems.
6.10.1 OCS Registry check utility
After FAST/TOOLS has been installed, you will find the “OCS Registry
Check” utility (OCSRegistryCheck.exe) on the FAST/TOOLS
executable directory (..\tls\exe).
You can use this utility to check that the FAST/TOOLS OPC server and
OPC foundation DLL’s (see below) have been correctly installed and
registered. This is a basic check, that should be performed if you
experience problems when communicating with the FAST/TOOLS

Trouble shooting FAST/TOOLS OPC DA server
OPC DA server.
The utility must be started on the same machine as the OPC server. Once
you have started the utility the following window appears:
What you see in this window are all registered OPC servers that this
utility can find. Under normal conditions, the FAST/TOOLS OPC DA
server will be visible in the list-box of the utility. If not, see 6.10.2.
Select the FAST/TOOLS OPC DA server and press the “OK” button.
This will activate the following dialogue:
Via this dialogue, you can initiate a test to verify the proper installation

and registration of the FAST/TOOLS OPC DA server. Furthermore, the

test verifies the correct installation and registration of a number of
common OPC foundation deliverables.
Start the test by pressing the “Start” button. This will activate the
following dialogue:
The dialogue shows which tests have passed and which one failed. Each
to be tested “item” that has been ticked-off in the list-boxes, has passed
the test. Details about the execution and outcome of a test can be
obtained, by pressing the “View Log” button.
Remark: To interpret all the details of the test results as shown in the
“log”, you need to have some general knowledge of (D)COM and/or
standard OPC foundation deliverables. However, in most cases this
knowledge is not necessary. It is enough to verify that:
• Category OPC Common Definitions:
- All cases (with one possible exception, see below) have passed
the test.
The OPC AE proxy test is a not relevant situation. This proxy is
not necessary for the current implementation of the
FAST/TOOLS OPC interface.
• Category Server Specific Checks:
- All cases have passed the test.

Trouble shooting FAST/TOOLS OPC DA server
6.10.2 OPC server properly installed?
After FAST/TOOLS has been installed and started for the first time, it
will have installed and registered the FAST/TOOLS OPC DA server.
Verify this, by using the “OCS Registry Check” utility (or another OPC
client) on the same machine as where you installed the FAST/TOOLS
OPC DA server. Make sure the OPC client “sees” the FAST/TOOLS
OPC DA server when it browses for available Data Access servers on
the local machine.
If the OPC client does not list the server, type the following from the
..\tls\exe directory (FAST/TOOLS executables directory) in a command
window:
opxdas12.exe /RegServer
This should correctly register the server. Verify this by restarting the
OPC client and “browsing” the list of local servers.
If you are still not able to list the OPC server or to communicate with it,
please refer to the items in the following sections.
Note:
• If, for whatever reason, you need to unregister the FAST/TOOLS
OPC DA server, use the following command:
opxdas /UnregServer
6.10.3 Server browser properly installed?
As described in 6.8, the “opcenum” facility” is certainly the

recommended way of browsing another machine for available OPC
servers. Local OPC clients can also use the “server browser” to get this
list of available OPC servers.
With the installation of the FAST/TOOLS OPC DA server, this “server
browser” is also installed on your system. If the “OCS Registry Check”
utility indicates problems with the installation of the OPC Server
Browser, type the following command on the ..\tls\exe directory:
opccommonsetup
Among others this command puts the opcenum program in the

..\winnt\system32 directory and registers it as COM server.
When FAST/TOOLS is started for the first time on a machine, the

“opcenum” program is installed as a service.

FAST/TOOLS does not automatically configure the start-up type of the

service. So if you want the service to become automatically active after
reboot of the machine for example, please configure the “opcenum”
service to do so.
Notes:
• To register the “opcenum” program manually, the following
command can be used:
opcenum /RegServer
• To install the “opcenum” program manually as service, the

following command can be used:
opcenum /Service
Remember to set the “start-up” type afterwards.

• If, for whatever reason you need to unregister the “opcenum”
program (also un-installs the service), the following command can
be used:
opcenum /UnregServer
6.10.4 OPC foundation DLL’s properly installed?
For the OPC client and OPC server to be able to communicate, a number
of standard OPC foundation DLL’s need to be available.
With the installation of the FAST/TOOLS OPC DA server, these DLL’s
are also installed and registered on your system. These are the following
DLL’s:
• opccomn_ps.dll:
A DLL containing the proxy/stub code for the “common” interfaces
(IOPCCommon, IOPCServerList (for server browsing) and
IOPCShutdown).
• opcproxy.dll:
A DLL containing the proxy/stub code for the OPC Data Access
interfaces.
Verify that both these DLL’s reside in the ..\winnt\system32 directory.

If these DLL’s do not reside there, type the following command on the
..\tls\exe directory: opccommonsetup.
Among others, this setup program will install and register the above
mentioned DLL’s.
Notes:

OPC DA Server DCOM tunnelling FAST/TOOLS OPC DA server
• To register the standard DLL’s manually, the following commands

can be used (in the ..\winnt\system32 directory):
- regsvr32 opcproxy.dll
- regsvr32 opccomn_ps.dll
• If, for whatever reason, you need to unregister the DLL’s, the
following command can be used:
regsvr32 /u <DLL name>
E.g.:
regsvr32 /u opcproxy.dll
6.11 OPC DA Server DCOM tunnelling

The OPC-DA Server DCOM-tunnelling option was developed to avoid
some of the DCOM configuration problems.
6.11.1 Introduction
Configuring DCOM across two windows domains can be is quite a

headache for system integrators. To avoid these problems the
FAST/TOOLS OPC-DA Server can be configured to run in the same
domain as the OPC-DA Client or even simpler on the same computer as
the client.
In that case FAST/TOOLS will use is own BUS/FAST message protocol
instead of DCOM. Figure 6-2 shows a typical configuration where the
FAST/TOOLS OPC-DA Server is in a different domain from the
OPC-DA client.

FAST/TOOLS OPC DA server OPC DA Server DCOM tunnelling
DOMAIN A DOMAIN B
FAST/TOOLS
Host node
ITEM/FAST
OPC-DA DCOM OPC-DA

Server Client
Figure 6-2 OPC-DA connection using DCOM
DCOM is used to connect OPC Client and Server. The client receives
data updates from the server through the DCOM connection and
modifies the FAST/TOOLS item values on the local FAST/TOOLS
system.
Figure 6-3 shows a configuration where the FAST/TOOLS OPC-DA
Server is used with DCOM tunnelling enabled. OPC-DA Server and
Client are in the same windows domain and BUS/FAST has replaced
DCOM for the to communication across the windows domains.

OPC DA Server DCOM tunnelling FAST/TOOLS OPC DA server
DOMAIN A DOMAIN B
FAST/TOOLS
Host node
OPC-DA
Client
(D)COM
ITEM/FAST BUS/FAST OPC-DA

Server
Figure 6-3 OPC-DA connection BUS/FAST
In this configuration the OPC-DA Server will update the items on the
FAST/TOOLS host node through the BUS/FAST (durm) connection.
6.11.2 Installing FAST/TOOLS DCOM tunneller
To install the FAST/TOOLS DCOM you must install FAST/TOOLS in

the normal way on the system on which the OPC client is running. The
system should then be licensed using an OPC DCOM tunneller node
license. This license will ensure that only BUS/FAST,
DATABASE/FAST and ACCESS/FAST are activated.The DCOM
tunneller node will have no HMI. It is configured from the HMI
connected to the HOST.
Apart from the fact that only a small sub-set of the FAST/TOOLS
package is activated on the OPC-DA client node, it is just another
FAST/TOOLS node. Setting up the BUS/FAST DURM connection
between the host and the DCOM tunneller node on which the OPC-DA
server runs is done in the same way as with any other FAST/TOOLS
node. The most essential part is to ensure that the DUR host node
number on the DCOM tunneller node is set correctly in the dur.sup file.

FAST/TOOLS OPC DA server OPC DA Server DCOM tunnelling
To configure the OPC-DA Server as DCOM tunnelling client the “Use

DCOM-tunnelling to host” option in the OPC-DA Server setup file
should be set. If this option is active the OPC-DA Server will assume all
items are located on the FAST/TOOLS host node.

General FAST/TOOLS OPC AE client
7 FAST/TOOLS OPC AE client
7.1 General
This chapter contains detailed information on how to configure the
FAST/TOOLS OPC Alarm&Event (AE) Client on your system. It gives
information on the process parameters that can be configured from the
setup-file and explains the program context.
Some basic knowledge about the concepts behind OPC is presumed. If
you are new to OPC please first read chapter 4 for an introduction.

FAST/TOOLS
The OPC AE client acts as a COM client to one or more OPC servers.
The context diagram of the FAST/TOOLS OPC client is depicted in
Figure 7-1. It shows the functional interaction of the client with its
environment.
Setup file OPC AE

(D)COM Server(s)
FAST/TOOLS
DUR stop message OPC AE
Client
via ITM common
ack.
DSS ITEM/
FAST
ALARM/
HMI
FAST
Figure 7-1

FAST/TOOLS OPC AE client Interaction with other parts of FAST/TOOLS
Some more information about the interaction of the FAST/TOOLS OPC

AE client with its environment, in the following subsections.
7.2.1 Data set services (DSS)
The FAST/TOOLS Data Set Services (DSS) interacts with the AE client
using BUS/FAST messages. All configuration of the AE client (e.g. by
means of the FAST/TOOLS HMI or via quick load like utilities) is done
using DSS.
On the other hand, the AE client itself uses DSS during initialisation.
Using DSS the specific instance of the OPC AE client gathers
information about:
• The OPC AE stations for which the specific instance of the client is
responsible.
• For each of the AE stations, the event sources and their mapping
upon FAST/TOOLS items.
7.2.2 OPC client setup-file
Some aspects of the behaviour of the OPC AE client can be influenced

via setup file parameters. For a more detailed description of the AE
client setup file parameters, please refer to section 7.5.4 of this manual.
7.2.3 (D)COM
This is the underlaying technology that OPC clients and servers use to
communicate with each other. It is a standard part of the Microsoft
Windows operating system. From a global point of view, DCOM
enables the OPC AE client to:
• Start an OPC AE server (if it is not running) on the local or remote
system.
• To communicate with the OPC AE server(s). This communication
is bi-directional; the client can send requests to the server and the
server can make “callbacks” (e.g. for event notification) to the
client.

Interaction with other parts of FAST/TOOLS FAST/TOOLS OPC AE client
7.2.4 ITEM/FAST
The OPC AE client maps OPC AE server event sources to

FAST/TOOLS items. The idea is to pass as much information as
possible received from an OPC AE server, to FAST/TOOLS using items
as a “vehicle”.
To make this more concrete, the OPC AE client interfaces with
ITEM/FAST in the following situations:
• To pass the attributes present in the condition events (received from
OPC AE server(s)), to other parts of FAST/TOOLS. Among others
the ITEM/FAST “update-info” mechanism (itm_set_gen()
interface), is used for this purpose.
• To reflect “subscription active/not active” status of an OPC AE
station via the quality code/option bit of items.
• To reflect the “connection healthiness” of an OPC AE station via a
possibly specified status item linked to the station.
7.2.5 ALARM/FAST
The OPC AE client does not directly interface with ALARM/FAST.

However ALARM/FAST is an important component during the
processing of information provided by OPC AE servers to the
FAST/TOOLS OPC AE client.
ALARM/FAST subscribes for certain type of events generated by
ITEM/FAST (e.g. to detect when an item is forced to an alarm- or
normal state). When such an event is caused by the OPC AE client, the
event is augmented with update info containing OPC condition event
attributes. ALARM/FAST receives such an event and (among others)
uses the condition event attributes to compose an alarm event.
Another aspect in which ALARM/FAST plays a role in the OPC AE

client context, is the acknowledgment of alarms. When a FAST/TOOLS
user tries to acknowledge an item, and the item has a relation with an
OPC event source, ALARM/FAST sends the acknowledgment request
to the FAST/TOOLS OPC AE client. The FAST/TOOLS OPC AE client
in turn, tries to acknowledge (the event source) at the OPC AE server
that originally generated the alarm. If the acknowledgment request is
accepted by the OPC AE server, a new condition event will be ultimately
generated. This condition event will be processed in the “normal” OPC
AE client event stream and thus sent via ITEM/FAST to
ALARM/FAST.

FAST/TOOLS OPC AE client Quality code value
7.3 Quality code value

In 4.4, a description is given of how the 16 bits OPC quality code field
is mapped to the 32 bits FAST/TOOLS quality code field. This section
gives information about the quality code values that the OPC AE client
uses to signal specific situations.
As explained before, the OPC AE client exclusively uses the upper 16
bits of the 32 bits FAST/TOOLS quality code word. These upper 16 bits
in the FAST/TOOLS quality code word, are used in the same way as the
OPC Foundation specifies for the OPC quality word. That is:
• The lower 8 bits (of the upper 16 bits of the 32 bits FAST/TOOLS
quality code word) are used to encode “quality states” in the OPC
Foundation way.
The FAST/TOOLS OPC AE client stores one of the following
values (according OPC Foundation specification) into these bits:
- 0xc0:
Means the “quality” of the “AE client related information” is
good. “Good” in this context means, the OPC AE client has an
active/healthy connection with an OPC server.
- 0x80:
Means the “quality” of the “AE client related information” is
“uncertain”. This is typical the case when the AE client has lost
the connection with the OPC AE server. In such a situation the
FAST/TOOLS items related to such a server, will be assigned
this quality code value.
• The upper 8 bits are used to copy “vendor” specific quality code
information.
In the case the FAST/TOOLS OPC AE client would be connected
to a FAST/TOOLS OPC AE server, these bits would contain the
lower 8 bits of the FAST/TOOLS quality code word.
7.4 Runtime behaviour
7.4.1 Introduction
This paragraph globally describes (parts of) the runtime behaviour of the

Runtime behaviour FAST/TOOLS OPC AE client
7.4.2 Initialisation
When the FAST/TOOLS OPC AE client is started, it performs the

following actions:
• It reads its setup file parameters (also see 7.5).
• It connects to DSS
• It reads the station definitions data set, in order to determine which
OPC AE stations it should manage.
• For each of the stations it should manage, it performs an attempt to
connect to the related OPC AE server.
If for some reason the server cannot be reached (for example
because of a failing network connection), this is logged and a
reconnect attempt is done at a later stage (see 7.4.3).
If the connect action succeeds, the OPC AE client “refreshes” the
alarm information for the event sources it manages.
Whilst the FAST/TOOLS OPC AE client has no connection with an
OPC AE server, this is indicated in the communication status item
of the station (see also 7.4.4). In addition to this, the FAST/TOOLS
items that have a relation (via event sources) with the off-line
station, are also flagged off-line.
• After the initialisation action has been completed, the OPC AE
client starts waiting for DUR-messages and events from the
connected OPC AE server(s).
7.4.3 Heartbeat mechanism
The FAST/TOOLS OPC AE client uses a so-called heartbeat

mechanism for all actions it must perform periodically. Examples of
these type of actions are:
• Check for messages in the DUR message queue
• Check the connection to the OPC server(s)
• Re-connect attempt after connection to server was lost
The heart-beat of the OPC AE client is internally determined by the OPC

AE client.
7.4.4 Check the connection to the OPC server(s)
The FAST/TOOLS OPC Alarm&Event Client periodically checks if it

can still communicate with the other OPC server(s). The interval

FAST/TOOLS OPC AE client OPC AE client configuration
between two successive connection attempts can be configured in the

set-up file of the AE client.
If the AE client cannot reach the OPC server, the client will change the
AE part of the quality code of all FAST/TOOLS items related to the
OPC server accordingly (see 7.3). If the related OPC AE station has a
status item defined, its value will be set to a value that reflects the
connection status.
The client uses the GetStatus method of the IOPCServer interface to
check the connection to the server. This method will return one of the
following values that will be written into the value attribute of the OPC
station status item.
OPC server status Status item value
OPC_STATUS_RUNNING 1
OPC_STATUS_FAILED 2
If the GetStatus call fails, the status item is set to the value 2
(OPC_STATUS_FAILED)
7.4.5 Reconnection mechanism
When no initial contact with an OPC AE server can be obtained or when

the connection with the server becomes lost, the FAST/TOOLS OPC AE
client performs an attempt to re-establish the connection. The interval
between two successive “reconnect attempts” is the same as the interval
value for the “connection alive” check.
7.5 OPC AE client configuration
7.5.1 Introduction
This section describes how to configure the run-time behaviour of a

7.5.2 OPC AE client executable and process name
The OPC AE client’s executable is called opxaec.exe and resides in the

OPC AE client configuration FAST/TOOLS OPC AE client
directory /tls/exe. If this program is started it will create an OPC AE

client with the process name OPXAEC. Another way to start the OPC
client is to use the command line option ‘-n’ followed by a suitable
process name.
The process name is the name by which a running OPC AE client is
known to all other FAST/TOOLS processes. Whenever a FAST/TOOLS
process needs to communicate with an OPC AE client it uses the client’s
process name to address it. The process name is also used during start-up
of the client to look for a setup-file with the same name.
The OPC client will usually be started as part of the access_start.cmd
script which can be found in the directory /tls/com. You can start an OPC
AE client by adding the following line to the script:
start /b /NORMAL %TLS_ROOT_PATH%\tls\exe\opxaec.exe -n opxaec01
This will start an OPC client process called OPXAEC01.
7.5.3 Stopping the OPC AE client
An OPC AE client process will usually be stopped as part of the

access_stop.cmd script. You can stop an OPC AE client process by
adding the following line to the script:
%TLS_ROOT_PATH%\tls\exe\durstp -msk -t10 -p OPXAEC01
This will send a BUS/FAST ‘stop’ message to the OPC client process
called OPXAEC01 which causes the client program to stop.
7.5.4 Setup-file parameters
Whenever an OPC AE client process is started it will look for a

setup-file to initialise its parameters. First it will try to use a process
specific setup file. A client process called OPXAEC01, for example,
will first check if there is a setup-file called ‘opxaec01.sup’ in the default
setup-file directory (/tls/sup). If it cannot find such a file, it will look for
a setup-file called ‘opxsys.sup’. If this file can’t be found the OPC client
process will use its own default values.
The rest of this section describes the individual setup file parameters of
the FAST/TOOLS AE Client in alphabetical order.
Keyword: OPXAEC_BROWSE_CACHE

FAST/TOOLS OPC AE client OPC AE client configuration
• Description:
If OPC server namespace is browsed the tag names are temporarily
stored in the client to avoid unnecessary overhead caused by
repeated browse requests. This keyword sets the number of
milliseconds after which the cache will be cleared.
• Syntax:
OPXAEC_BROWSE_CACHE = <time-out in msec.>
• Example:
OPXAEC_BROWSE_CACHE = 60000
Keyword: OPXAEC_DUR_QSZ
• Description:
• Syntax:
OPXAEC_DUR_QSZ = <queue size in Kbytes>
• Example:
OPXAEC_DUR_QSZ = 50
Keyword: OPXAEC_PING_TIMEOUT
• Description:
Ping time out in seconds. If the server station does not respond
within the specified number of seconds, the station will be
considered off-line.
• Syntax:
OPXAEC_PING_TIMEOUT = <time-out in seconds>
• Example:
OPXAEC_PING_TIMEOUT = 3
Keyword: OPXAEC_SAFE_CON
• Description:
When this keyword is set, permission is granted to connect the
FAST/TOOLS OPC AE client to a FAST/TOOLS OPC AE server.
Normally, to prevent deadlock problems, a FAST/TOOLS OPC AE
client cannot be connected to a FAST/TOOLS OPC AE server
unconditionally. A connection is permitted only in situations where

Tricks and Tips FAST/TOOLS OPC AE client
the FAST/TOOLS OPC AE client node and the FAST/TOOLS

OPC AE server node are independent FAST/TOOLS systems.
Deadlock situations will arise in situations where:
1 The FAST/TOOLS OPC AE client and AE server reside on
the same node, or
2 The FAST/TOOLS OPC AE client node and FAST/TOOLS
OPC AE server node are interconnected via a DURM
connection.
• Syntax:
OPXAEC_SAFE_CON [= yes]
• Example:
OPXAEC_SAFE_CON
Keyword: OPXAEC_SRV_ALIVE
• Description:
Defines the OPC server alive check interval. The OPC client
process periodically checks all its connections with the OPC
server(s).
• Syntax:
OPXAEC_SRV_ALIVE = <interval time in msec.>
• Example:
OPXAEC_SRV_ALIVE = 1000
7.6 Tricks and Tips

This section gives some useful information when setting up your OPC
client.
Although it is possible to connect more than one OPC server to a client

it is not recommended to do so. This is because an attempt to connect an
OPC AE client to a server via a “problematic” connection, can take quite
a while. This is because of long time out values in DCOM. In such
situations, communication with other servers during the time out period,
will also stall.
For this reason it is recommended to use a separate OPC AE client for
each server connection.

FAST/TOOLS OPC AE client Tricks and Tips

Introduction FAST/TOOLS OPC AE server
8 FAST/TOOLS OPC AE server
8.1 Introduction
This chapter describes in more detail the system integration aspects of
the FAST/TOOLS OPC Alarms&Events server (AE server).
The AE server supports the OPC Alarms&Events 1.02 interface.
Furthermore, the AE server fully supports both the custom as well as the
automation interface of the OPC standard.
OPC clients written in compiled languages (like C/C++) will use the
custom interface to interact with the AE server.
Via the automation interface, applications (OPC clients) written in
interpretive and/or macro languages (e.g. Visual Basic, Microsoft Word
and Microsoft Excel) can get access to the object model of the OPC
Alarms&Events interface.
All mandatory and optional interfaces of the OPC Alarms&Events

interface standard are supported by the FAST/TOOLS OPC AE server.

FAST/TOOLS
The FAST/TOOLS AE server does not act on its own. OPC clients
interact with the server via (D)COM. These OPC clients can reside on
the same node as the server but can also reside on another node
connected to the same network. Furthermore, the server interacts with
other parts of the FAST/TOOLS, to obtain alarm information or to
acknowledge FAST/TOOLS alarms.
This section globally describes the server's interaction with other parts
of the FAST/TOOLS.
The interfaces of the FAST/TOOLS AE server with the other parts of the
FAST/TOOLS, have been depicted in Figure 8-1.

FAST/TOOLS OPC AE server Some notes on the implementation of the server
FAST/TOOLS
(D)COM FAST/TOOLS
OPC AE DSS
OPC AE
Clients
server
Figure 8-1
What is shown in this figure is that the FAST/TOOLS OPC AE server

communicates with:
• The Data Set Services (DSS).
DSS is part of the tool DATABASE/FAST and is used by the AE
server to:
- Receive events on the "alarm_current" data set.
- Acknowledge FAST/TOOLS alarms if an OPC client requests
to do so.
The interface with DSS is a routine interface. DSS itself however

communicates internally via DUR messages with other
FAST/TOOLS components. These components may reside on the
same node or on a remote node, depending on the configuration and
the contents of the DSS-files. For more information please refer to
[1] and [6].
8.3 Some notes on the implementation of the

server
8.3.1 Introduction
This section contains some information that might be important to

understand the behaviour of the FAST/TOOLS OPC AE server. This
type of information might be helpful when developing/using OPC

Some notes on the implementation of the server FAST/TOOLS OPC AE server
clients in conjunction with the FAST/TOOLS OPC AE server.
8.3.2 Supported events
The FAST/TOOLS OPC AE server generates two types of events:

• Condition events:
These events are used to represent FAST/TOOLS alarm messages.
The AE server defines one condition ("FAST/TOOLS alarm") with
a subcondition for each defined FAST/TOOLS item status.
More about the way the FAST/TOOLS AE server deals with OPC
conditions, can be found in 8.3.3.
• Simple events:
In the current implementation of the FAST/TOOLS AE server,
simple events are used to signal to the OPC client so called flow
problems and the recovery of these problems. More about this
recovery mechanism can be found in 8.3.4.
8.3.3 FAST/TOOLS AE server and OPC (sub)conditions
The OPC Alarms&Events spec. only deals with (sub)conditions in

general. A condition is active or not and in case it is active its
subcondition describes the situation in more detail.
For OPC an alarm is just a special case of a condition, a condition which
is normally not desired and which requires special attention. OPC does
not treat alarms in any special way. From the OPC (sub)condition data
itself, you can not tell whether the (sub)condition represents an alarm
situation or not.
The way the FAST/TOOLS OPC AE server has mapped the OPC model
of conditions upon the FAST/TOOLS alarm handling mechanism, is as
follows:
• OPC condition events will be generated only for FAST/TOOLS
items with the “alarm monitoring” attribute set to “yes”.
• An “active” condition event is sent for items which switch from a
“normal” or “alarm” state to (another) “alarm” state. The
subcondition related to this active “FAST/TOOLS alarm”
condition, is the item status.
• A previously “active” condition for an item is “flagged” as inactive
as soon as the FAST/TOOLS item switches from an “alarm” to a
“normal” state. Flagging an active condition as inactive, is done
(according to the OPC spec.) by sending an “inactive” condition

event.
In that situation (condition switching from active to inactive) no
acknowledgment of the previously “active” condition is
necessary/possible (since the condition is not active anymore).
8.3.4 Flow problems
Since the FAST/TOOLS OPC AE server operates in an event driven

way, flow problems may occur "somewhere" in the event channel. Such
a problem may occur when for example a message queue has an
overflow due to a burst of alarm events. The AE server is able to detect
flow problems and, when configured to do so, is able to recover
automatically from these problems.
When the AE server detects a flow problem and the AE server is
configured to recover automatically, the AE server starts the recovery
procedure. The recovery procedure consists of the following steps:
1 At the start of the procedure the AE server starts sending a simple
event to the connected OPC clients. This simple event contains a
message indicating that a flow problem was detected and that the
actual act of recovery will start after a delay of 'x' seconds. The
delay time is something that can be configured in the setup file of
the FAST/TOOLS OPC interface.
2 The actual recovery takes place. In OPC parlance, all active
conditions ("outstanding" alarms) are obtained from the tool
ALARM/FAST and, if not known by the AE server, sent as active
condition events to the connected OPC clients. In addition to this,
all currently inactive conditions, administered by the AE server as
active conditions, are sent to the OPC clients as inactive condition
events.
3 When the actual recovery has taken place, the AE server sends a
second simple event to the connected OPC clients, to signal the end
of the recovery procedure.
8.3.5 Server’s threads
In the FAST/TOOLS OPC AE server a number of threads execute the

AE server code. The most important of these threads are:
• The "FAST/TOOLS message interface thread":
This thread is responsible for reading the DUR message queue of
the server and handling the DUR messages residing in this queue.

Some notes on the implementation of the server FAST/TOOLS OPC AE server
Furthermore this thread is responsible for the processing of DSS

events on (among others) the "alarm_current" data set.
• The "client event subscription threads":
A subscription thread is created for each subscription object created
by an OPC client.
• A temporary thread is created for each call of the function
IOPCEventSubscriptionMgt::Refresh().
8.3.6 ProgID
The FAST/TOOLS OPC AE server, registers in the Windows registry

with the following Programmatic Identifier (ProgID):
Yokogawa.FastToolsOpcAes.<version>
This ProgID information is useful when your OPC client has to connect
to the server, when you develop your own OPC client application or
when you want to track down the cause of possible problems.
8.3.7 Implementation of “Process Area” browsing
Among others, the FAST/TOOLS OPC AE server has implemented the

optional interface to browse for available “process areas” and “sources”.
The OPC notion “process area” has been mapped in the FAST/TOOLS
AE server upon “installations” and “units”.
The OPC notion “source” has been mapped in the FAST/TOOLS AE
server upon “items” and “subitems”.
By default, the FAST/TOOLS AE server shows all (sub)items for which
the “alarm monitoring” attribute is set to yes (via its browse interface).
To accomplish this, the FAST/TOOLS AE server initially reads the
(sub)item definition dataset and performs specific operations for the
items read. Since a FAST/TOOLS system may contain many thousands
of (sub)items, the time needed by the FAST/TOOLS AE server to
initialise, can be considerable in such a situation. This is something that
might be noticed specifically when an OPC client connects to the OPC
server and it is the first client performing a server connect action. In such
a situation the server is not running. Because of the client connect action,
the server is automatically started and first initialises itself. As explained
this may take some time (depending on the item definitions in the
system) and might be experienced as annoying and undesired behaviour.
As an alternative the possibility exists to skip this part of the

initialisation process. This behaviour can be selected via a separate setup

file parameter. In that situation the server does not read the (sub)item
definition dataset. As a result of this, the server initialises faster and
initially occupies less system resources. However in such situation, the
server is not able to immediately show all defined (sub)items via the
server’s browse interface. Instead the following strategy is used in the
server with respect to process area and event source browsing:
• The server shows all FAST/TOOLS installations and units right
after the start of the server.
By doing so, the OPC client is able to specify (among others) a filter
based on FAST/TOOLS installations and/or units.
• When condition events arrive for FAST/TOOLS (sub)items, these
(sub)items will be internally administered by the server and as a
result can be exhibited via the server’s browse interface.
So during the lifetime of the server more and more (sub)items may
appear in the browse interface.
8.3.8 FAST/TOOLS priority to OPC severity mapping
A FAST/TOOLS alarm event has a priority value assigned to it. This

FAST/TOOLS priority value, is an indication of the severity of the
alarm. The FAST/TOOLS priority can have a value in the range from 0
up to and including 15.
An OPC condition event also has a priority value assigned to it (in OPC
parlance called “severity”). The OPC priority value is also meant to
express the importance of the OPC event and can be used by an OPC
client as filter criterion. The OPC event priority values range from 1 up
to and including 1000 (with 1000 the highest severity value).
The table below gives an overview of how the FAST/TOOLS OPC AE
server maps FAST/TOOLS priority values upon OPC severity values.
FAST/TOOLS OPC severity

priority value value
0 1
1 50
2 100
3 150
4 200
5 250

Starting the server FAST/TOOLS OPC AE server
FAST/TOOLS OPC severity

priority value value
6 300
7 350
8 400
9 450
10 500
11 600
12 700
13 800
14 900
15 1000
8.4 Starting the server

Since the FAST/TOOLS OPC AE server is a COM server, its name and
the location of the executable among others, is registered in the
Windows registry. As soon as an OPC client wants to connect to the
server and the server appears not to be active, the COM run time will
start the server automatically.
For each FAST/TOOLS node, only one FAST/TOOLS AE server will

become active. This server connects to the DUR common with the name
OPXAES.
8.5 Stopping the server

Normally the FAST/TOOLS Alarms&Events server is stopped when the
entire FAST/TOOLS suite is stopped. Among others, this stop action
uses the "access_stop" script to stop the tool ACCESS/FAST.
It is possible to specifically stop the FAST/TOOLS Alarms&Events
server by sending it the standard BUS/FAST "stop" message. In order to
send the standard BUS/FAST "stop" message, use the following
command in a "command tool" to stop the Alarms&Events server:

FAST/TOOLS OPC AE server Disabling condition acknowledgment
durstp -p opxaes.
When stopping the FAST/TOOLS AE server in this way, the server will
send a so called "shut-down" request to all of the OPC clients currently
connected to the server. This enables connected OPC clients to
gracefully shut down when the server terminates. Upon receipt of the
"shut-down" request, an OPC client should release all resources that it
has claimed in order to communicate with the OPC server. Regardless
of whether clients respond to this "shut-down" request, the server will
shut-down anyway.
8.6 Disabling condition acknowledgment

The FAST/TOOLS OPC AE server normally offers an OPC client the
possibility to acknowledge FAST/TOOLS alarms (active conditions).
However if for whatever reason this option must be blocked, the setup
file of the FAST/TOOLS OPC interface, offers the possibility to do so.
Please refer to paragraph 8.9.2, for detailed information.
8.7 FAST/TOOLS specific event attributes

In addition to the standard event attributes (the data prescribed by the
OPC Alarms&Events specification) the FAST/TOOLS OPC AE server
is capable of sending additional FAST/TOOLS specific event attributes
with an event notification. The OPC client can ask the OPC AE server
for a list of available event attributes. After that, the OPC client can tell
the OPC server, which of the attributes should be returned by the OPC
server with an event notification. For details see ref [13], the
“IOPCEventSubscriptionMgt” interface.
Currently the following additional FAST/TOOLS specific event
attributes are supported by the FAST/TOOLS OPC AE server:
• Old (previous) item value
• New item value
• Old (previous) quality code
• New quality code
• Old (previous) item status
• New item status
• Old (previous) alarm state

OPC Server browsing FAST/TOOLS OPC AE server
• New alarm state

• Item description
• Engineering units
• “Node” field in related item-id
• “Group” field in related item-id
• “Number” field in related item-id
• “Sub-number” field in related item-id
If for whatever reason some or all of these additional FAST/TOOLS

specific event attributes must be hidden for OPC clients, the setup file of
the FAST/TOOLS OPC interface offers the possibility to do so.
Please refer to paragraph 8.9.2 for detailed information.
8.8 OPC Server browsing

The chapter describing the FAST/TOOLS OPC DA server also contains
a paragraph (paragraph 6.8) that describes a mechanism by which an
OPC client has the possibility to browse for available OPC servers. The
mechanism as described for OPC DA servers, also applies to OPC AE
servers. So, for more information about this subject, please refer to that
paragraph.
8.9 Configuration
8.9.1 Introduction
This section describes the configuration issues related to the use of the
FAST/TOOLS OPC AE server. Configuration is possible in two
separate areas:
• (D)COM configuration:
As described before, OPC is based on Microsoft's (D)COM
technology. Some properties of DCOM need configuration before
you are able to use the FAST/TOOLS OPC AE server. This is
especially true if you want to access the FAST/TOOLS OPC AE
server over a network. The (D)COM configuration aspects have
already been described in paragraph 6.9.2. Please refer to this
paragraph for detailed information about this subject.

FAST/TOOLS OPC AE server Configuration
• Server configuration:
Via the setup file of the OPX brick (opxsys.sup), some behavioural
aspects of the FAST/TOOLS OPC Alarms&Events server can be
tuned to individual requirements.
The "server configuration" aspects, are described in the following
paragraph.
8.9.2 Setup file parameters
This section describes the individual setup file parameters of the

FAST/TOOLS Alarms&Events server. Parameters of the
FAST/TOOLS OPC AE server, are described in alphabetical order.
Keyword: OPXAES_ACK_ALLOWED
• Description:
Via this keyword, one is able to specify whether acknowledgment
of a FAST/TOOLS alarm (OPC condition) via an OPC client, is
allowed.
• Syntax:
OPXAES_ACK_ALLOWED = yes | no
• Example:
OPXAES_ACK_ALLOWED = yes
Keyword: OPXAES_ALM_REC_DELAY
• Description:
When the FAST/TOOLS OPC Alarms&Events server detects that
it has missed one or more events, it can start a recovery procedure.
Depending on your typical situation it may be wise to postpone the
start of the recovery procedure for a while (e.g. wait till a typical
burst of events has passed).
Specifying the value 0, means that no recovery will take place at all.
• Syntax:
OPXAES_ALM_REC_DELAY = <delay time in seconds>
• Example:
OPXAES_ALM_REC_DELAY = 30
Keyword: OPXAES_BROWSE_PREP_INI

Configuration FAST/TOOLS OPC AE server
• Description:
If checked, the OPC AE server will prepare the server's browse data
(process area's and event sources), during initialisation of the
server. Depending on the "name space" this might be a time
consuming action. For this reason, the possibility exists to do no
full preparation of the server's browse data. In that case, the server
will initially only show the process area's via its browse interface.
As soon as the first condition event is generated for an event source,
the event source also appears via the server's browse interface.
• Syntax:
OPXAES_BROWSE_PREP_INI = yes | no
• Example:
OPXAES_BROWSE_PREP_INI = yes
Keyword: OPXAES_DUR_QSZ
• Description:
• Syntax:
OPXAES_DUR_QSZ = <queue size in Kbytes>
• Example:
OPXAES_DUR_QSZ = 30
KEYWORD: OPXAES_EC_ATTR_<FAST/TOOLS attribute>
• Description:
Via this keyword, one is able to specify whether the event attribute
in question, should be presented to OPC clients as option to be
included in event notifications.
<FAST/TOOLS attribute> can be one of the following strings:
- OLD_VAL
Old item value
- NEW_VAL
New item value
- OLD_OPQ
Old quality code (OPC coding)
- NEW_OPQ
New quality code (OPC coding)
- OLD_STA

FAST/TOOLS OPC AE server Trouble shooting
Old item status

- NEW_STA
New item status
- OLD_AST
Old alarm state
- NEW_AST
New alarm state
- ITM_DSC
Item description
- ITM_ENU
Item engineering units
- ITM_NDE
Node number of item-id
- ITM_GRP
Group number of item-id
- ITM_NMB
Sequence number of item-id
- ITM_SNR
Sub-sequence number of item-id
• Syntax:
OPXAES_EC_ATTR_<FAST/TOOLS attribute> = yes | no
• Example:
OPXAES_EC_ATTR_NEW_AST = yes
Keyword: OPXAES_HBEAT
• Description:
The FAST/TOOLS OPC Alarms&Events server has a so called
heart beat. When the server does not find new alarm- or event
messages in its receive queue, the server “sleeps” a while. The
heart-beat is the time after which the server awakes to check for
new alarm- or event messages.
• Syntax:
OPXAES_HBEAT = <heart beat in msec.>
• Example:
OPXAES_HBEAT = 50

On some occasions you might experience problems in connecting your

Trouble shooting FAST/TOOLS OPC AE server
OPC client to the FAST/TOOLS OPC AE server. The reason for such
problems may vary from situation to situation, e.g. programming errors
in the OPC client being used, network problems or
configuration/installation problems.
For information that might be helpful to trace the latter type of problems
please refer to paragraph 6.10.

FAST/TOOLS OPC AE server Trouble shooting

General OPC Unified Architecture and FAST/TOOLS OPC UA Client
9 OPC Unified Architecture and

FAST/TOOLS OPC UA Client
9.1 General
This chapter introduces the reader to the functionality of the
FAST/TOOLS OPC UA interface.
As such this chapter describes:
• What OPC UA stands for and what kind of problems the standard and its
implementations are going to solve.
• How OPC UA is used in the FAST/TOOLS product and what kind of basic
architectures can be used.
• Some miscellaneous information e.g.
• The representation of OPC UA item quality codes upon FAST/TOOLS quality codes
and vice versa.
The following chapters describe more specifically the FAST/TOOLS OPC UA client
functionality.
9.2 OPC Unified Architecture
OPC Unified Architecture (UA for short) is the next generation of OPC and is intended to
learn from the lessons of using classic OPC. OPC UA aims to provide platform
independent communications based around the concept of web services. It has built-in
support for security certificates and redundant communications.
Although the original binding to COM/DCOM helped OPC to gain acceptance, it had
several drawbacks:
• Frequent configuration issues with DCOM;
• No configurable time-outs;
• Microsoft Windows only;
• Complex Security Model
• No control over DCOM (COM/DCOM is kind of black box; developers have no
access to sources and therefore have to deal with bugs or insufficient
implementations).
• No remote redundancy
These drawbacks along with a number of other considerations pushed the decision to
develop a new and independent stack for OPC UA, which replaces COM/DCOM. The
main characteristics of this communication stack were:
• Multi-platform implementation, including portable ANSI C, Java and .NET
implementations;
• Scalability from smart sensors and smart actuators to enterprise;
• Multi-threaded, as well as single-threaded/single-task operation which is necessary
for porting the stack to embedded devices;

OPC Unified Architecture and FAST/TOOLS OPC UA Client Protocols
• Security, based on latest web standards;

• Configurable time-outs for each service;
• Chunking of big datagrams.
9.3 Protocols
OPC UA supports two protocols. This is visible to application programmers only via
changes to the URL. The binary protocol is opc.tcp://Server and http://Server is for Web
Service. Otherwise OPC UA works completely transparent to the API.
The binary protocol, offers the best performance/least overhead, takes minimum resources
(no XML Parser, SOAP and HTTP required which is important for embedded devices),
offers best interoperability (binary is explicitly specified and allows fewer degrees of
freedom during implementation) and uses a single arbitrarily choose-able TCP port for
communication easing tunneling or easy enablement through a firewall.
Note that the FAST/TOOLS OPC UA client only supports the binary OPC UA protocol.
9.4 Security
The OPC UA is a platform independent standard and relies on cross platform security
measures, this is a departure from classic OPC which delegates security to COM/DCOM.
OPC UA security is based on a Public Key Infrastructure (PKI) using industry standard
x.509 digital certificates and addresses authentication, authorization, encryption and data
integrity.
Below is a diagram from the specification on security giving a high level view of how
security is managed in OPC UA. Note that user authentication and authorization are left to
the application layer. Secure channel communication, however, is part of the specification.

Authentication OPC Unified Architecture and FAST/TOOLS OPC UA Client
9.5 Authentication
OPC UA application instances are uniquely identified by their x509 certificates, a session
can only be created between two OPC UA applications if each trusts the other's certificate.
A client, for example, cannot initiate a session with a server providing a certificate that the
client does not trust. Trust can in two ways established
1. Directly- Each application has the other's (public) certificate copied directly into some
trust folder which the application inspects.
2. Via a 'tree of trust ' whereby an application trusts the authority which granted the
other application's certificate, thus by extension the application's certificate.
Both methods of authentication are supported by the FAST/TOOLS OPC UA client. Each
instance of the FAST/TOOLS UA client will generate its own default certificate named
EquipmentProcessName.der. In the engineering module the certificate information can be
customized to fulfill the certificate requirements.
The FAST/TOOLS OPC UA Client uses the default certificate store which are the file
based OpenSSL PKI store. The store has the following three directories.
• trusted - contains the trusted certificates and the public key of the OPC UA client
• crl - contains the revocation list
• private - contains the private keys of the OPC UA client
FAST/TOOLS added two other directories to this structure:

• deleted - contains the deleted certificates of the OPC UA client
• rejected - contains the rejected certificates of the OPC UA client
The FAST/TOOLS OPC UA client does not support the MS Windows Server 2003 PKI.
The FAST/TOOLS UA client certificate root folder can be found at: \tls\pki\opxuac.
A server certificate can be revoked (deleted) from the HMI or manually by deleting it from
the \tls\pki\opxuac\trusted\ directory. At a running system this will not have any effect until
the connecting is closed and reconnected again. During reconnecting the client will request
a new certificate from the server.
Client certificates can be modified from within the HMI. Changes will only have effect
after the connecting to the server is closed and reconnected again. During reconnecting the
client will requested to send its certificate to the server.
For industrial environments it is recommended to use certificates with strong keys (e.g.
2048 bits) together with a long lifetime (e.g. 5-7 years) in order to reduce the number of
changes in the system. Sometime before an existing certificate expires the administrator
should create and install a new certificate during maintenance of the system.
9.6 Authorization
An endpoint's description defines the user identity token a client application must supply.
The OPC UA specification describes four types of user id an endpoint can demand:
1. Anonymous.

OPC Unified Architecture and FAST/TOOLS OPC UA ClientData Encryption and Data Integrity
2. User name and password.

3. x509 certificate (note this is distinct from the application instance's x509 certificate -
this is a certificate that has been issued to the user).
4. WS-Security compliant tokens (Kerberos tickets, widely used for single sign on, have a
WSS token profile).
Note that the specification only describes the permitted types of user tokens and the means
by which they are exchanged. For example: Restricting access to the address space based
on a user's identity token is application specific – this must be implemented by the OPC
UA server vendor.
The FAST/TOOLS OPC UA client support the anonymous (1) and “user name and
password’ (2) authorization methods.
9.7 Data Encryption and Data Integrity
Data encryption is intended to prevent a 3rd party reading messages passed between client
and server (snooping on a network with a packet sniffer for example). OPC UA uses
public/private key encryption. Data integrity measures prevent a 3rd party tampering with
messages passed between client and server (injecting malicious content to the message for
example).
OPC UA defines a set of common internet standard measures that clients and servers must
implement for scrambling the data (encryption) and signing messages (data integrity) in
order to guarantee a secure channel. Each session endpoint informs clients of the measures
it will use through its description published by the discovery endpoint. The client and
server then apply these measures on their respective sides to every message passed within
the confines of a secure session.
The options for encryption and signing are:
• None - no encryption, security is turned off. Messages can be read by a 3rd party and
tampered with.
• Signed - messages are signed to ensure data integrity but the message body is
unencrypted. Messages can be read by a 3rd party.
• Sign and encrypt - as above but with the message body encrypted. Secure, messages
are private and their integrity is assured.
The options for encryption method are
• None – no encryption (no security)

• Basic128Rsa15 – 128 bit encryption (fairly secure)
• Basic256 – 256 bit encryption (very secure)
FAST/TOOLS OPC UA client fully supports the above mentioned Data Encryption and
Data Integrity methods.

More about OPC Unified Architecture OPC Unified Architecture and FAST/TOOLS OPC UA
9.8 More about OPC Unified Architecture
www.commsvr.com/UAModelDesigner/Index.aspx
www.unified-automation.com

OPC Unified Architecture and FAST/TOOLS OPC UA Client OPC UA Data Access Specifica-
9.9 OPC UA Data Access Specification
9.9.1 Introduction
The FAST/TOOLS OPC UA client implements the OPC UA Data Access functionality as
described in Part 8 of the OPC UA Specification. Currently the client is implemented for
the windows platform only. Other platform support will be developed in the future.
This section describes how the OPC UA data model is mapped on FAST/TOOLS items.
9.9.2 The OPC UA Data Types
An OPC UA DataType is an attribute of a variable that defines what kind of data that
variable may hold.
The figure below shows (some of) the OPC UA DataType hierarchy. These data types are
described in some detail in the OPC UA Specification part 3.
The FAST/TOOLS OPC UA Client only supports the data types shown as grey. Data types
that are shown white or that are not shown in this hierarchy are supported by representing
them as a string type only.
For server diagnostics it is possible to map individual elements of server diagnostic
structures on FAST/TOOLS items.

OPC UA Data Access Specification OPC Unified Architecture and FAST/TOOLS OPC UA Cli-
9.9.3 The OPC UA Data Access Variable Type Model
In OPC UA a Variable is a component of the address space that contains a value. Apart
from a value it has also other attributes like data-type and access-levels. In the OPC UA
information model it is possible to define variable-types that describe the properties and
data-type of a variable. All variables in a running OPC UA Server will be instances of one
of these predefined variable-types. This allows Clients to handle all instances of a
variable-type in the same way.
To standardize the representation of automation data in OPC UA Server the OPC
Foundation has specified the Data Access model in part 8 of the OPC UA specification.
The figure below shows the VariableType hierarchy as defined in the OPC UA Data Access
specification.
9.9.4 The DataItemType
This variable-type defines the general characteristics of a Data Item.
9.9.5 Additional properties
The DataItemType added the following properties to the hierarchy:

• Definition (optional)
This is a string type property that specifies how the value of this DataType is
calculated. Example: Definition ::= “(TempA – 25) + TempB”

OPC Unified Architecture and FAST/TOOLS OPC UA Client OPC UA Data Access Specifica-
• ValuePrecision (optional)
This property of type Double indicates the precision of the value.
9.9.6 The AnalogType
The Analog variable type defines the general characteristics of an analog item. It is derived
from the DataItem type and adds some additional properties specific for analog process
values.
9.9.7 Additional properties
The following properties are added by the Analog Type

• Instrument Range (optional)
- Datatype = Range
This property specifies how the value of variables of this item DataItem is calculated
• EURange (Manditory)
- Datatype = Range
This property defines the value range likely to be obtained by DataItems of this type
in normal operation.
• EngineeringUnits (optional)
- Datatype = EUInformation
This property defines the engineering unit of the DataItems
9.9.8 The Discrete types
The Discrete item type is an abstract type which means no instances can exist. Its can be
used in a filter when browsing or querying.
9.9.9 The TwoStateDiscreteType
This variable type defines the characteristics of a two state discrete type. It has two
additional properties.
• TrueState(Mandatory)
-Datatype = LocalizedText
This property contains the string to be associated with the TRUE state of the DataItem.
• FalseState(Mandatory)
-Datatype = LocalizedText
This property contains the string to be associated with the FALSE state of the
DataItem.

OPC UA Data Access Specification OPC Unified Architecture and FAST/TOOLS OPC UA Cli-
9.9.10 The MultiStateDiscreteType
This variable type defines the general characteristics of a multistate discrete type. It has one
additional propertiy.
• EnumString(Mandatory)
-Datatype = LocalizedText[]
This property contains the string array lookup table of values to be associated with the
numeric values of the DataItem.
9.9.11 Variable Type mapping on FAST/TOOLS
Variable values are always mapped on FAST/TOOLS Item values. Variable properties are
also mapped on FAST/TOOLS item values. OPC UA variable properties are accessible
through a Node-ID just like any other OPC UA variable.
9.9.12 Mapping of multi-dimensional variable types
OPC UA variables can hold multi-dimensional arrays of data. The FAST/TOOLS OPC UA
Client does not support multi-dimensional array variables. If a multiple array variable is
read only the first element of the variable will be read. However an array can be read as a
string item and will be formatted as follows: {one,two,three, …}
9.9.13 Mapping of status code
OPC UA status codes that indicate the quality of data read by the Client are stored in a 32
bits unsigned integer (UInt32). This value will be mapped on the Quality code of the
FAST/TOOLS item. It will be interpreted by FAST/TOOLS with the following values:
0, OPXC_QUALITY_CODE_GOOD
1, OPXC_QUALITY_CODE_BAD
2, OPXC_QUALITY_CODE_UNCERTAIN

OPC Unified Architecture and FAST/TOOLS OPC UA Client OPC UA Redundancy
9.10 OPC UA Redundancy
9.10.1 Introduction
This chapter describes how redundancy is supported in the FAST/TOOLS OPC UA Client.
9.10.2 Client redundancy
Client-side redundancy is not implemented in the first phase of the FAST/TOOLS OPC UA
Client. However client redundancy is supported by the FAST/TOOLS HAC. OPC UA
Session transfer from one to another client is currently not supported by the FAST/TOOLS
OPC UA Client.
9.10.3 Server side redundancy
Server redundancy can be divided in Transparent Server redundancy and Non-Transparent

redundancy.
9.10.4 Transparent Server redundancy
In this approach server redundancy is handled transparent to the server. The server-side will
take care of switching the URI-endpoint to the backup server. The client will not notice any
disruption of communication. This can be handled by the FAST/TOOLS UA-Client.
9.10.5 Non-Transparent Server redundancy
In this approach client is aware that there are two servers on the server side. The one server
is active the other server is the backup server.
The FAST/TOOLS OPC UA Client supports the so-called ‘cold’ backup mode. If the client
is configured to be redundant it will be given two Server URI’s. With the first it will set-up
the connection and creates a session and subscriptions. If the connection with the first
server fails it will close the connection to the first server and will build up the connection to
the second server.

OPC UA Client integration OPC Unified Architecture and FAST/TOOLS OPC UA Client
9.11 OPC UA Client integration
9.11.1 Introduction
This section describes how the OPC UA Client is integrated in FAST/TOOLS. To make the
behaviour of the OPC UA Client as much as possible consistent with the existing
FAST/TOOLS Equipment Managers it is integrated in the Equipment Plug-in Architecture
(EPA) Framework. This makes it possible to install the OPC UA Client as Equipment
Plug-In
The following drawing shows the context for the OPC UA client. Both the
“Configuration-time” and “Run-time” context are shown.

OPC Unified Architecture and FAST/TOOLS OPC UA Client Configuring an OPC UA Client in
9.12 Configuring an OPC UA Client in

FAST/TOOLS
The way in which an OPC UA client is defined in FAST/TOOLS is as much as possible
done in the same way any other Equipment Managers are configured.
Step 1: Define line type:
For the OPC UA Client the line type is equivalent to an instance of an OPC
UA Client Process. For each line type defined the a new OPC UA Client
process will be started. The default process name used is OPXUAC.
Step 2: Define Stations for a line type:

A FAST/TOOLS OPC UA Station is equivalent to a connection to an OPC
UA Server including the creation of an OPC UA Session on that server. At
this step also a redundant server can be configured. At this stage a session
is created. A session is the connection context between two applications.
Step 3: Define Subscription for a Station:

A Subscription can be added to a OPC UA Station A Subscription added to
station defines a subscription in the OPC UA Server. Multiple
subscriptions can be created in the context of a session. A subscription is
the context to exchange data changes and event notifications between
server and client. A subscription requires the session to transport the data
to the client.

Configuring an OPC UA Client in FAST/TOOLS OPC Unified Architecture and FAST/TOOLS
Step 4: Define data points

FAST/TOOLS I/O Points are mapped to OPC UA variables. To monitor
values data points and subscription can be added to the data points.
Multiple monitored items can be created in a subscription but they are
bound to this subscription. A monitored Item is used to define the attribute
of a Node that should be monitored for data changes.
The next figure gives an overview of how FAST/TOOLS terminology is mapped to

equivalent OPC UA concepts.
9.12.1 Subscribe for Data Changes and Events
A client can subscribe for three different types of information from an OPC UA server. A
subscription is used to group sources of information together. A monitored Item is used to
manage a source of information. A piece of information is called a Notification. A
subscription can contain all three different types of monitored items and the server will
deliver notifications until the subscription or the monitored items are deleted.
Types of monitored items are:
• The first and most common type of monitored item is used to subscribe for data
changes of variable values.
• The second type is used to subscribe to events. Events are not supported by the
FAST/TOOLS OPC UA client.
• The third type is used to subscribe to aggregated values. This type is not supported by
the FAST/TOOLS OPC UA client.
All monitored items have common settings like monitoring mode, sampling interval, filter
settings and queue size. The monitoring mode and sampling interval can be configured for
the FAST/TOOLS OPC UA client.
The next figures shows the different subscription and monitoring item settings
Settings for Subscription and Monitored Items
The sampling interval defines the rate the server checks variable values for changes. The
monitoring mode defines if the monitored item is active or inactive. The queue size defines

OPC Unified Architecture and FAST/TOOLS OPC UA Client OPC UA engineering module tree
how many notifications can be queued for delivery. There are two subscription settings.
The publish interval defines the interval when the server clears the queues and deliver the
notifications to the client. The Publish enabled setting defines whether the data gets
delivered to the client.
9.13 OPC UA engineering module tree

Configuring an OPC UA Client Station in the engineering module is done from the
‘Equipment’ branch of the configuration tree. The difference with the existing OPC-DA
Client is that the OPC UA Station doesn’t have ‘Groups’. Instead of groups there are
‘Subscriptions’. These function in a similar way as Scan types in classic FAST/TOOLS
Equipment managers.
DataPoints are added directly to Stations. Each datapoint must be assigned a subscription to
receive updates from the Server. If no subscription is added to the Point it will not receive
updates and it can only be written from FAST/TOOLS.
Unlike Scan types that are added on EQP level Subscriptions are added on Station level.
This is because Subscriptions can be set to active and in-active. It is more logical to do this
on Station level.
9.14 Offline configuration

One of the features of FAST/TOOLS engineering is that almost all configurations can be
done OFFLINE. This means engineering is possible without being connected to external
equipment. This is also the case for the OPC UA Client. The only exception may be the
exchange of security certificates between server and the client and trusting of the server
certificate.
9.15 OPC UA line definition

This section describes the adding and modifying of an OPC UA Line definition.
9.15.1 OPC UA line definition functionality
Creating an OPC UA Line will start an OPC UA client through the EPA-framework. When
the OPC UA client process is started it will set up its security context (see later).
The following operations can be done on the OPC UA Line definition:
• Add line definition

OPC UA station definition OPC Unified Architecture and FAST/TOOLS OPC UA Client
• Remove line definition

• Modify the following properties:
- Description
9.16 OPC UA station definition

This section describes the adding and modifying of an OPC UA Station definition.
9.16.1 OPC UA station definition functionality
An OPC UA station is linked to an OPC UA Client process thought the line type
definition. If the “Redundant Servers” option is selected two redundant OPC UA server
endpoints can be added. The “Communication status item” is an integer item that indicates
if there is communication between the Station and the OPC UA Server. The Active Server
item indicates which server is active:
0 = No server active
1 = Server 1 active
2 = Server 2 active
The OPC UA station dialog offers an advanced OPC UA server browse control which
make it possible to browse for a specific server on the network.
When an OPC UA Server is added to the station the server will provide a PKI certificate
and this is stored in the /tls/pki/opxuac/rejected folder by default. The PKI certificate can
be accepted in the Engineering Module. If the certificate is accepted it is moved to the
/tls/pki/opxuac/trusted folder.
The following operations can be done on the OPC UA station definition:
• Add station definition
• Remove station definition
- Description
- OPC Server 1 endpoint
- Redundant Servers
- OPC Server 2 endpoint
- On Scan
- Communication status item
- Preferred server
In the Advanced options the following security operations can be done on the OPC UA
station definition:
- Security policy
- Message security mode
- Anonymous
- User name
- Password

OPC Unified Architecture and FAST/TOOLS OPC UA Client OPC UA security certificates
9.17 OPC UA security certificates

During the initial contact between server and client there is an exchange of security
certificates. FAST/TOOLS OPC UA Client has implemented certificate management
possibilities.
Certificates send by the server are by default always be rejected by the client. This means
that the client stores the certificate in the rejected folder. Using the engineering module the
rejected certificate can be trusted. When a certificated is trusted the certificated is moved to
the trusted folder. The trusted and rejected folders can be found at tls/PKI/opxuac/
The following operations can be done on the OPC UA server certificates:
• Show Properties
• Modify trusted / rejected
• Delete
Note that when the certificate is deleted the certificate is moved to the
tls/PKI/opxuac/deleted folder.
9.17.1 OPC UA Client certificate
During the initial contact between server and client and using a secure policy and mode, the
client certificated must be available / stored at the server side. When a line is created an
OPC UA client process is started. This process searches for a certificate file with the same
name as the process DUR name plus a .der extension. E.g. OPXUAC.der. If this file is not
found the client process generates a new own certificate file and stores in into the
tls/PKI/opxuac/trusted folder. In the engineering module the own certificate can be
modified to conform to the requested specifications.
The following operations can be done on the OPC UA server certificates:
• Show Properties
• Modify the following properties
- Name
- Organization
- Organization unit
- Locality
- State
- Country (2 letter land code e.g. NL)
- Domain name
- IP Address (if no domain name is available)
- RSA key strength
- Valid until, lifespan of the certificate
Certificates are required for secure transmissions of data between UA Server and
FAST/TOOLS OPC UA Client. Both the Client and the Server must know and trust each
other’s certificate. In this case the FAST/TOOLS OPC UA client certificate must be copied
to the PKI trusted folder of the server.
What is the best strategy for maintenance of certificates?
That depends on the application. There are multiple steps to take.
- In the server you have to define is unsecure connection are allowed. If not then

OPC UA Subscription definition OPC Unified Architecture and FAST/TOOLS OPC UA Client
connections won't work anymore if the client certificate has expired.

The easiest way will be exchange the certificates at a maintenance moment - or just
reconnect the client.
9.18 OPC UA Subscription definition

This section describes the adding and modification an OPC UA Subscription. OPC UA
subscriptions can be added to an OPC Station to receive data changes for monitored items.
9.18.1 OPC UA Subscription functionality
To receive data updates from the server an OPC UA station must create one or more
Subscriptions. For the subscription the following properties can be configured:
• Create Subscription
• Delete Subscription
• Modify existing subscription
- Set publishingInterval
- Set maxNotificationsPerPublish
- Set priority
In the OPC UA context the OPC UA Station implements the Subscription level.
9.18.2 OPC UA point definition
This section describes the adding and modifying of an OPC UA point definition.
9.18.3 OPC UA point definition functionality
Create an OPC UA Point that can be mapped on a FAST/TOOLS item.

OPC Unified Architecture and FAST/TOOLS OPC UA Client OPC UA client configuration
The point definition provides a browse functionality to browse the OPC UA Server
Namespace for finding and selecting the desired OPC UA server.
9.19 OPC UA client configuration
9.19.1 Introduction
This section describes how to configure the run-time behavior of the FAST/TOOLS OPC
UA client.
9.19.2 OPC UA client process name
The process name is the name by which a running OPC UA client is known to all other
FAST/TOOLS processes. Whenever a FAST/TOOLS process needs to communicate with
an OPC UA client it will use the client’s process name to address it. The process name is
also used during start-up of the client to look for a setup-file and a save-file with the same
name.
When more than one client has to be active at the same time they must have unique names.
The process name of a OPC UA client is set by a command line option during start up. How
this is done is explained in the next section.
9.19.3 Starting the OPC UA client
The OPC UA client’s executable is called opxuac.exe and resides in the directory /tls/exe.
If this program is started it will create an OPC UA client with the process name OPXUAC.
A better way to start the OPC UA client is to use the command line option ‘-n’ followed by
a suitable process name.
The OPC UA client will usually be started as part of the access_start.cmd script which can
be found in the directory /tls/com. You can start an OPC UA client by adding the following
line to the script:
start /b /NORMAL %TLS_ROOT_PATH%\tls\exe\opxuac.exe -n opxuac_client
This will start an OPC UA client process called OPXUAC_CLIENT.
The OPC UA client also handles a third parameter –v. “-v” stand for Verbose and will
enable console input to control the onscreen logging behavior.
When using –v the OPC UA client process must be started in a console.
9.19.4 Stopping the OPC UA client
An OPC UA client process will usually be stopped as part of the access_stop.cmd script.
You can stop an OPC UA client process by adding the following line to the script:

Setup-file parameters OPC Unified Architecture and FAST/TOOLS OPC UA Client
%TLS_ROOT_PATH%\tls\exe\durstp -msk -t10 -p opxuac_client

This will sent a BUS/FAST ‘stop’ message to the OPC UA client process called
OPXUAC_CLIENT. This will cause the client program to stop.
9.20 Setup-file parameters

Whenever an OPC UA client process is started it will look for a setup-file to initialize some
of its parameters from. First it will try to initialize from a process specific file name. A
client process called opxuac_client, for example, will first check if there is a setup-file
called ‘opxuac_client.sup’ in the default setup-file directory (/tls/sup). If it cannot find such
a file, it will look for a setup-file called ‘opxuac.sup’. If this file can’t be found the OPC
UA client process will use its own default values.
The rest of this section describes the individual setup file parameters of the FAST/TOOLS
OPC UA Client.
Keyword: OPXC_DUR_QUEUE_SIZE
Description:
Determines the amount of messages that can be queued at once for an OPCXUAC process
• Syntax:
OPXC_DUR_QUEUE_SIZE = <Message queue size in Kilobytes>
• Example:
OPXC_DUR_QUEUE_SIZE = 500
Keyword: OPXC_MAX_HEART_BEAT_TIME
Description:
The FAST/TOOLS OPC UA client has a so called heartbeat.
This heart beat is in fact a DUR message that is sent periodically to trigger the process in
question to perform a periodic action.
The maximum heart beat value of the process sets the maximum speed at which the mean
loop will process messages
• Syntax:
OPXC_MAX_HEART_BEAT_TIME = <interval in milliseconds>
• Example:
OPXC_MAX_HEART_BEAT_TIME = 50
Keyword: OPXC_MIN_HEART_BEAT_TIME
Description:
The FAST/TOOLS OPC UA client has a so called heartbeat.
question to perform a periodic action.
The minimum heart beat value of the process sets the minimal speed at which the mean
loop will process messages

OPC Unified Architecture and FAST/TOOLS OPC UA Client Setup-file parameters
• Syntax:
OPXC_MIN_HEART_BEAT_TIME = <interval in milliseconds>
• Example:
OPXC_MIN_HEART_BEAT_TIME = 2
Keyword: OPXC_ITM_EVT_BUF_TIME_OUT
Description:
Specifies the ITEM/FAST event buffering interval.
ITEM/FAST will buffer item events for the FAST/TOOLS OPC UA client for this period of
time or until the event buffer is full.
• Syntax:
OPXC_ITM_EVT_BUF_TIME_OUT = <interval in milliseconds>
• Example:
OPXC_ITM_EVT_BUF_TIME_OUT = 1000
Keyword: OPXC_ITM_EVT_BUF_SIZE
Description:
Specifies the ITEM/FAST event buffer size.
ITEM/FAST will buffer item events for the FAST/TOOLS
OPC UA client until the event buffer is full or the buffer timeout expires whatever happens
first
• Syntax:
OPXC_ITM_EVT_BUF_SIZE = <size in kilobytes>
• Example:
OPXC_ITM_EVT_BUF_SIZE = 5
Keyword: OPXC_INPUT_BUF_LENGTH
Description:
This parameters set the maximum number of updates the client
will write to ITEM/FAST in one heart-beat cycle. Updates from the server are queued in
the client. Every heart-beat cycle the client will write a buffer at maximum
OPXC_INPUT_BUFFER_LENGTH to ITEM/FAST.
Depending on the fill percentage of this buffer the heart-beat increased or decreased. See
queue load throttle percentage.
• Syntax:
OPXC_INPUT_BUF_LENGTH = <length in number of items>
• Example:
OPXC_INPUT_BUF_LENGTH = 1000
Keyword: OPXC_OUTPUT_BUF_LENGTH
Description:
This parameters set the maximum number of updates the client will write to the OPC_UA
Server in one heart-beat cycle. Updates from the FAST/TOOLS are queued in the client.

Every heart-beat cycle the client will write a buffer at maximum

OPXC_OUTPUT_BUFFER_LENGTH to the server.
Depending on the fill percentage of this buffer the heart-beat is increased or decreased. See
queue load throttle percentage.
• Syntax:
OPXC_OUTPUT_BUF_LENGTH = <length in number of items>
• Example:
OPXC_OUTPUT_BUF_LENGTH = 1000
Keyword: OPXC_OUTPUT_BUF_TIME_OUT
Description:
Specifies the OUTPUT event buffering interval.
The client will buffer outputs for this period of time or until the event buffer is has reached
a comes first.
• Syntax:
OPXC_OUTPUT_BUF_TIME_OUT = <timeout in milliseconds>
• Example:
OPXC_OUTPUT_BUF_TIME_OUT = 1000
Keyword: OPXC_COM_STAT_CHK_INTERVAL
Description:
Communication status check, seconds
This parameter sets the interval the client will check
• Syntax:
OPXC_COM_STAT_CHK_INTERVAL = <interval in seconds>
• Example:
OPXC_COM_STAT_CHK_INTERVAL = 10
Keyword: OPXC_STATION_CON_TRY_INTERVAL
Description:
Station connect try in seconds .
The client needs to receive a security certificate from the server to establish a connection.
This parameters sets the try interval
• Syntax:
OPXC_STATION_CON_TRY_INTERVAL = <interval in seconds>
• Example:
OPXC_STATION_CON_TRY_INTERVAL = 30
Keyword: OPXC_THROTTLE_PERCENTAGE
Description:
Throttle percentage for read and write queues. If the read or write queue is filled by at least
this percentage of the clients the heart-beat will automatically increase. When the write

queue is filled below this percentage the heart-beat will automatically decrease to the
OPXC_MAX_HEART_BEAT_TIME value
• Syntax:
OPXC_THROTTLE_PERCENTAGE = <interval in percentage>
• Example:
OPXC_THROTTLE_PERCENTAGE = 30
TAB = Logging
Keyword: OPXC_LOG_LEVEL
Description:
Set the logging/trace level
Possible options are:
None - No logging
High - Most detailed logging.
Medium - Medium logging level.
Low - Low level logging.
By default None is assumed. Activating this option can have a large impact on the run-time
speed of the OPC UA client!
• Syntax:
OPXC_LOG_LEVEL = <option>
• Example:
OPXC_LOG_LEVEL = Medium
Keyword: OPXC_LOGFILE_SIZE
Description:
This parameter sets the maximum logging file size in Mbytes for the FAST/TOOLS OPC
UA client. If the logging file size exceeds the maximum the current logging file is closed,
renamed to <logfile>.old and a new logging file is created.
• Syntax:
OPXC_LOGFILE_SIZE = <Logging file size in Mbytes>
• Example:
OPXC_LOGFILE_SIZE = 10
Keyword: OPXC_LOG_TO_SCREEN
Description:
Write logger messages to screen.
If checked, logging messages are also written to screen
Values: YES, NO, default NO
• Syntax:
OPXC_LOG_TO_SCREEN = <YES or NO>
• Example:
OPXC_LOG_TO_SCREEN = YES

TAB = OPC UA API Settings
Keyword: OPXC_SERVICE_ASYNC_WRITE
Description:
Use Asynchronous write.
If checked, the client will use the asynchronous write service to write updates to the server.
If not check synchronous write will be used.
Values: YES, NO, Default YES
• Syntax:
OPXC_SERVICE_ASYNC_WRITE = <YES or NO>
• Example:
OPXC_SERVICE_ASYNC_WRITE = YES
Keyword: OPXC_SERVICE_CALL_TIME_OUT
Description:
OPC UA Service call timeout, seconds. This parameter sets the timeout for all OPC UA
service calls in seconds.
• Syntax:
OPXC_SERVICE_CALL_TIME_OUT = <OPC UA Service call timeout in seconds>
• Example:
OPXC_SERVICE_CALL_TIME_OUT = 10
Keyword: OPXC_SESSION_CONNECT_TIME_OUT
Description:
OPC UA Session connect timeout, milliseconds.
• Syntax:
OPXC_SESSION_CONNECT_TIME_OUT = <OPC UA Session connect timeout
milliseconds>
• Example:
OPXC_SESSION_CONNECT_TIME_OUT = 5000
Keyword: OPXC_SESSION_WATCHDOG_TIME
Description:
OPC UA Session time between watchdog checks in milliseconds.
• Syntax:
OPXC_SESSION_WATCHDOG_TIME = <OPC UA Session time between watchdog
checks Ms>
• Example:
OPXC_SESSION_WATCHDOG_TIME = 5000
Keyword: OPXC_SESSION_WATCHDOG_TIME_OUT
Description:

The timeout for watchdog calls in milliseconds. After one unsuccessful call the timeout
will be two times this value for the next call.
• Syntax:
OPXC_SESSION_WATCHDOG_TIME_OUT = <OPC UA Session timeout for watchdog
calls in milliseconds>
• Example:
OPXC_SESSION_WATCHDOG_TIME_OUT = 5000
Keyword: OPXC_SERVICE_MONITOR_REQ_SIZE
Description:
Maximum monitor requests, requests.
During start up and re-connect the OPC UA client will request item monitoring from the
server for input and input/output items. This parameter will set the maximum number of
requests per call to the server.
• Syntax:
OPXC_SERVICE_MONITOR_REQ_SIZE = <Maximum monitor requests size>
• Example:
OPXC_SERVICE_MONITOR_REQ_SIZE = 5000
9.20.1 Example setup file settings (default):
OPXC_DUR_QUEUE_SIZE = 500
OPXC_MAX_HEART_BEAT_TIME = 50
OPXC_MIN_HEART_BEAT_TIME = 2
OPXC_ITM_EVT_BUF_TIME_OUT = 1000
OPXC_ITM_EVT_BUF_SIZE = 5
OPXC_INPUT_BUF_LENGTH =1000
OPXC_OUTPUT_BUF_LENGTH = 1000
OPXC_OUTPUT_BUF_TIME_OUT = 500
OPXC_THROTTLE_PERCENTAGE = 30
OPXC_COM_STAT_CHK_INTERVAL = 10
OPXC_STATION_CON_TRY_INTERVAL = 30
OPXC_LOG_LEVEL = None
OPXC_LOGFILE_SIZE = 10
OPXC_LOG_TO_SCREEN = NO
OPXC_SERVICE_ASYNC_WRITE = YES
OPXC_SERVICE_CALL_TIME_OUT = 10
OPXC_SERVICE_MONITOR_REQ_SIZE = 5000
OPXC_SESSION_CONNECT_TIME_OUT = 5000
0PXC_SESSION_WATCHDOG_TIME = 5000
OPXC_SESSION_WATCHDOG_TIME_OUT = 5000

TIPS and Tricks OPC Unified Architecture and FAST/TOOLS OPC UA Client
9.21 TIPS and Tricks

This section gives some useful information when setting up your OPC UA client.
Although it is possible to connect more than one OPC UA server to a client, from a
performance point of view it is recommended to connect one client to a server.
9.21.2 Use quick-loads to configure OPC clients
All data needed to configure an OPC UA client can be quick loaded into DSS using the
dssqld tool. This is often much quicker than entering OPC clients from the HMI. Because
the dssqld utility can dump DSS data sets into quick load files it is quite easy to generate
‘template’ quick load files by creating an OPC station in the HMI with a single OPC item.
You can create the template quick-load files by dumping the required data
sets.
dssqld -d OPCUAC_LINE_DF -e opcua_line_df.qli
dssqld -d OPCUAC_STATION_DF -e opcua_station_df.qli
dssqld -d OPCUAC_SUBSCRIPTION_DF -e opcua_sub.qli
dssqld -d OPCUAC_POINT_DF -e opcua_point_df.qli
These files can now be used as a basis for you quick load files.
Next a quickload example is given.

OPC Unified Architecture and FAST/TOOLS OPC UA Client Quickload Example
9.22 Quickload Example

The following example is showing the minimal information that needs to be provided to create an
OPC UA Station, Subscription and Point.
@LANGUAGE
ENGLISH
@VERSION
9.04
!======================================================================
=======
@FIELDS
NAME,DESCRIPTION,OPC_BRANCH_01_INFO,OPC_BRANCH_01_SELECTION,OPC_BRA
NCH_02_INFO
OPC_BRANCH_02_SELECTION,ON_SCAN,REDUN_SERVER,PREFERRED_SERVER,MSG_
SECURITY_01_MODE,MSG_SECURITY_01_POLICY
MSG_SECURITY_02_MODE,MSG_SECURITY_02_POLICY,LINE,SERVER_01_NAME,SERV
ER_01_URI,SERVER_01_ENDPOINT
SERVER_02_NAME,SERVER_02_URI,SERVER_02_ENDPOINT,STATUS_ITEM,ACTIVE_SE
RVER_ITEM
@OPCUAC_STATION_DF
"UADEMO","OPC UA Demo Station","","","",\
"",0,0,"None","None","None",\
"0","None","UADEMO","","","opc.tcp://yokogawa03:4841",\
"","","","",""
!======================================================================
=======
@FIELDS
NAME,STATION_NAME,SUBSCRIPTION_NAME,REQUESTED_PUBLISH_INTERVAL,REV
ISED_PUBLISH_INTERVAL
REQUESTED_LIFETIME_COUNT,REVISED_LIFETIME_COUNT,REQUESTED_KEEP_ALI
VE_COUNT,REVISED_KEEP_ALIVE_COUNT,MAX_NOTIFICATIONS,PRIORITY
PUBLISH_ENABLED,DESCRIPTION,STATUS_ITEM
@OPCUAC_SUBSCRIPTION_DF
"UADEMO:UADEMO_SUB","UADEMO","UADEMO_SUB",1000,0,\
1200,0,5,0,0,0,\
1,"",""
!======================================================================
=======
@FIELDS
NAME,STATION,POINT,DESCRIPTION,SUBSCRIPTION
OPC_DISPLAY_NAME,EXTERNAL_RELATION,OPC_NAMESPACE,OPC_NODE_ID_TYPE,
OPC_NODE_ID,OPC_TAG_INFO OPC_TAG_TYPE

Quickload Example OPC Unified Architecture and FAST/TOOLS OPC UA Client
@OPCUAC_POINT_DF
"UADEMO:DemoPoint","UADEMO","DemoPoint","","UADEMO_SUB",\
"","Input + Output","http://opcfoundation.org/UA/","Numeric","11193",””,\
"1"

OPC Unified Architecture and FAST/TOOLS OPC UA Client Quickload Example

Introduction FAST/TOOLS OPC UA Server
10 FAST/TOOLS OPC UA Server
10.1 Introduction
This chapter describes in more detail the system integration aspects of the FAST/TOOLS
OPC UA Data Access, Alarm and Events and Historical Data Access server (DA, AE and
HDA server).
This chapter contains portions from the Unified Automation SDK documentation, copy-
right Unified Automation GmbH and reproduced with kind permission.
10.1.1 Definitions, Abbreviations and Acronyms
OPC UA Open Process Control Unified Architecture
DA Data Access
AE Alarm and Events
HDA Historical Data Access
GIN FAST/TOOLS generic interface (data access)
DSS FAST/TOOLS Data Set Services
SDK Software Development Kit
Section FAST/TOOLS branch
10.1.2 Some notes on the implementation of the server
This section contains some information that might be important to understand the behav-
iour of the FAST/TOOLS OPC UA server. Knowledge of this type of information might be
helpful when developing/using OPC UA clients in conjunction with the FAST/TOOLS
OPC UA server.
10.1.3 Interaction with other parts of FAST/TOOLS
The FAST/TOOLS OPC UA server does not act on its own. OPC UA clients interact with
the server via the OPC UA binary protocol using TCP/IP. These OPC UA clients can reside
on the same node as the server but can also reside on another node connected to the same
network. Furthermore, the server interacts with other parts of the FAST/TOOLS to get the
desired information or write information into the FAST/TOOLS system.
This section globally describes the server’s interaction with other parts of the

FAST/TOOLS OPC UA Server Introduction
FAST/TOOLS and the used SDK.
The Data Set Services (DSS)
DSS is part of the tool DATABASE/FAST and is used by the OPC UA server to:
• Serve “address-space” browsing requests from OPC UA clients.
• Get informed by events to read Alarm information
• Get informed by events to react on configuration changes
The interface with DSS is a routine interface. DSS itself however communicates internally
via DUR messages with other FAST/TOOLS components. These components may reside
on the same node or on a remote node, depending on the configuration and the contents of
the DSS-files.
BUS/FAST GIN DII (Generic Interface Distributed Item

Interface)
The OPC UA server uses GIN DII functionality to:

• Get a notification (event) when one or more of the attributes of an item
changes.
This information arrives in the OPC UA server via a DUR message.
• Read the current value of an item upon explicit request from the OPC cli-
ent.
10.1.4 SDK
The FAST/TOOLS OPC UA server is implemented using the OPC UA Server SDK from
Unified Automation. The SDK distinguish a Toolkit and a SDK level of usage. The
FAST/TOOLS OPC UA server is implemented using parts of both levels. The Toolkit level
is used especially for the OPC UA type system namespace. The SDK level is used for all
the communication to the FAST/TOOLS data e.g. browsing, monitoring, reading and writ-
ing values.
UA Message Exchange is Asynchronous
The message exchange for OPC UA (request message and response message) is asynchro-
nous. It is more efficient to initiate the actions in the server based on the request and allow
the UA stack to handle additional messages without consuming too many threads. The
FAST/TOOLS OPC UA server optimizes the execution of the actions started by the request
message and sends a response message when the actions are finished.
Multiplexing

Introduction FAST/TOOLS OPC UA Server
The asynchronous handling allows the Server SDK to multiplex operations like read or
write to several different data sources and to return after initiating the multiplexing. There
is no blocking of the thread necessary to wait for the results like in the synchronous case.
After all multiplexed operations are finished; the Server SDK can send the response with
the result data from a worker thread.
All Services that can potentially access several data sources in one call like Read, Write,
HistoryRead, Call or MonitoredItem related services are multiplexed and are using also
asynchronous interfaces to the undelaying FAST/TOOLS data as far as possible.

FAST/TOOLS OPC UA Server OPC UA server usage
10.2 OPC UA server usage
10.2.1 OPC UA server process name
The process name is the name by which a running FAST/TOOLS OPC UA server is known
to all other FAST/TOOLS processes. Whenever a FAST/TOOLS process needs to commu-
nicate with the FAST/TOOLS OPC UA server it will use the servers’ process name to
address it. The process name of the OPC UA server is “OPXUAS” and is set by a command
line option during start up. How this is done is explained in the next section.
10.2.2 Starting the OPC UA server
Since the FAST/TOOLS OPC UA server is part of ACCESS/FAST, the server is started
automatically by the ACCESS_START script in the tls/com directory. To start the
FAST/TOOLS OPC UA server manually from a “command tool” the following command
can be issued: opxuas –n opxuas
Note the FAST/TOOLS OPC UA server binaries are stored at the path tls/exe.
10.2.3 Stopping the OPC UA server
“Normally” the FAST/TOOLS UA server is stopped as part of a “FAST/TOOLS stop”

action (fast_stop script).
From the ACCESS/FAST System Integrator’s Manual stop action uses the “access_stop”
script to stop the tool ACCESS/FAST. It is possible to specifically stop the FAST/TOOLS
UA server by sending it the standard BUS/FAST “stop” message. In order to send the stan-
dard BUS/FAST “stop” message, use the following command in a “command tool” to stop
the Data Access server:
durstp -m -p opxuas
When stopping the FAST/TOOLS UA server in this way, the SDK part of the server will
send a so called “shut-down” request to all of the OPC clients currently connected to the
server. This enables connected OPC clients to gracefully shut down when the server termi-
nates. Upon receipt of the “shut-down” request, an OPC client should release all resources
that it has claimed in order to communicate with the OPC server. Whether or not clients
respond to this “shut-down” request, the FAST/TOOLS OPC UA server will shut-down
anyway.

OPC UA server usage FAST/TOOLS OPC UA Server
10.2.4 Configure items to be accessible by OPC UA
Introduction
This chapter describes how FAST/TOOLS data can be made accessible through the
FAST/TOOLS OPC UA Data server. All procedures described are performed from within
the FAST/TOOLS engineering module. In short, a FAST/TOOLS entity (item, section or
object) needs to have the “OPC Visible” checkbox checked to be visible and accessible for
an OPC UA client.
Configure a Section
1 Create a new Section
2 Check “Visible via OPC”

To make an existing section visible, double click the existing
section and check the “Visible via OPC” checkbox.
Configure an Item
1 Create a new Item
2 Check “Visible via OPC” in the “Item management” Tab.
Now the Item is only visible by browse. To make it readable and

writeable, check the Read and Write checkboxes.

Configure an Object
1 Create a new Object
2 Check “Visible via OPC” at the “Item management” Tab.
FAST/TOOLS item status to OPC UA status mapping
FAST/TOOLS status mapping, shows how FAST/TOOLS statuses are mapped to OPC UA
status codes.
FAST/TOOLS status Value OPC UA status code Value
NORMAL 9 Good 0
NOT_INIT 13 Uncertain 0x40000000
UPD_OFF 15 Uncertain 0x40000000
OFFSCAN 22 Uncertain 0x40000000
OFFLINE 14 Bad 0x80000000
BAD_VALUE 24 Bad 0x80000000
Table 10-1 FAST/TOOLS status mapping
All other FAST/TOOLS status values are mapped to OpcUa_Good. The actual
FAST/TOOLS item status can be obtained from the FTItemType Status property.
FAST/TOOLS to OPC UA data type mapping
FAST/TOOLS items and properties have internal data types. These types need to be
mapped to OPC UA data types and vice versa. Table 3, OPC UA to FAST/TOOLS data
types shows how the FAST/TOOLS OPC UA server maps the data types.

OPC UA server usage FAST/TOOLS OPC UA Server
FAST/TOOLS data OPC UA data type

type
Boolean OpcUaType_Boolean
Integer OpcUaType_Int32
Real OpcUaType_Double
String OpcUaType_String
Table 10-2 FAST/TOOLS to OPC UA data types
OPC UA data type FAST/TOOLS data type
OpcUaType_Boolean Boolean
OpcUaType_Int32 Integer
OpcUaType_Double Real
OpcUaType_String String
Table 10-3 OPC UA to FAST/TOOLS data types
10.2.5 Authorization and Authentication
The FAST/TOOLS OPC UA server uses the Username /Password authentication from the
FAST/TOOLS configuration.
1 Create new Authentication Group or get the Properties of an
existing Authorisation Group
2 Select the required actions.
3 Click > and apply the changes
Figure 10-1 Mapping of the FAST/TOOLS user permission and the

OPC UA Client permissions

User Permission OPC UA Permission
None None
Read only UA_ATTRREADABLE, UA_READABLE ,

UA_BROWSEABLE, UA_HISTORYREADABLE,
UA_EVENTREADABLE
All permissions “Read only” + UA_WRITABLE, UA_EXECUTABLE,

UA_WRITABLE, UA_ATTRWRITABLE
Table 10-1 Permission mapping
10.2.6 Connecting an OPC UA client to the

FAST/TOOLS OPC UA server
To test the FAST/TOOLS OPC UA server UaExpert from Unified Automation can be used.
The UaExpert is designed as a general purpose test client supporting OPC UA features like
DataAccess, Alarms & Conditions, Historical Access and calling of UA Methods. UaEx-
pert can be downloaded at:
https://www.unified-automation.com/products/development-tools/uaexpert.html
Start UaExpertOn the same machine where FAST/TOOLS is running . The following win-
dows will be shown
Figure 10-1 UaExpert
Click the + (plus) button at the top, select the Advanced tab and enter the following url:
opc.tcp://localhost:34493
It should look the same as the figure below, Add Server.

OPC UA address space concepts FAST/TOOLS OPC UA Server
Figure 10-2 Add Server dialog and a connected server
Click ‘OK’ and click the ‘connect’ button at the top. The client should connect to the
FAST/TOOLS OPC UA server. From here on you can exercise with UaExpert and the
FAST/TOOLS OPC UA server. A complete description of UaExpert is beyond the scope of
this document.
10.3 OPC UA address space concepts

The primary objective of the OPC UA address space is to provide a standard way for serv-
ers to represent objects to clients. In addition objects can be typed, i.e. OPC UA provides a
way to define and expose object types (classes with member variables and member meth-
ods) and object instances.
10.3.1 Node Model
The set of objects and related information that the OPC UA server makes available to cli-
ents is its address space. Objects and their components are represented in the address space
as a set of nodes described by attributes and interconnected by references.
10.3.2 Attributes
Attributes are data elements that describe nodes. Clients can access attribute values using
Read, Write, Query, and Subscription/Monitored Item services.
10.3.3 References
References are used to relate nodes to each other. They can be accessed using the browsing
and querying services.

FAST/TOOLS OPC UA Server OPC UA address space concepts
Like attributes, they are defined as fundamental components of nodes. Unlike attributes,
references are defined as instances of ReferenceType nodes. ReferenceType nodes are visi-
ble in the address space and are defined using the ReferenceType node class.
10.3.4 Variables
Variables are used to represent values. Two types of Variables are defined, Properties and
DataVariables. They differ in the kind of data they represent and whether they can contain
other Variables.
10.3.5 Properties
Properties contain server-defined Meta (static) data of objects, data variables and other
nodes similar to node attributes. Properties differ from attributes in that they can be defined
and added by the server and characterize what the node represents.
Attributes provide OPC UA metadata that is available for all nodes. Attributes are common
to all nodes of a node class and only defined by the OPC UA specification whereas proper-
ties can be server-defined. For example, an attribute defines the data type of variables
whereas a property can be used to specify the engineering unit of some variables.
10.3.6 Data Variables
Data variables represent the content of an object. An object is a container for variables and
methods. The object node does not provide a value whereas the variable nodes provide a
value.

OPC UA server information model FAST/TOOLS OPC UA Server
10.4 OPC UA server information model

The FAST/TOOLS OPC UA server information model adds several Object types to the
default OPC UA information model. The table below shows the added types.
FAST/TOOLS OPC UA server type FAST/TOOLS item type Description
FTItemType Base type for FT itemtypes
FTItemBooleanType boolean
FTItemNumericType Integer, real
FTItemStringType String
FTItemNumericSubType Sub Items
FTHMIInfoType Reference of FTItemType HMI info properties
FTHMINumericInfoType Reference of FTItemType HMI trend info properties

Table 10-1 Object types
The properties of FTItemTypes derived Objects can be browsed from the FAST/TOOLS
OPC UA server Types folder.
Figure 10-1 FTHMIInfoType and FTHMINumericInfo types
More information of all these types and their properties can be found in the Types/Object-
Types section of the FAST/TOOLS OPC UA server address space.
10.4.1 OPC UA server address space browsing
The FAST/TOOLS OPC UA server supports the OPC Address Space browsing interface.
Via this interface, OPC UA clients can ask the server to exhibit its Address Space, i.e. in
the case of FAST/TOOLS, the collection of sections, items, sub-items and their inter-rela-
tionships. This browse interface enables the OPC UA client to directly select the required
(sub)items from the address-space information returned. If the FAST/TOOLS OPC UA
server would not support address-space browsing functionality, OPC UA clients would
have to determine which items reside in a FAST/TOOLS system in another way. Natively,
the FAST/TOOLS address-space is a hierarchical one. The address space has the same hier-
archy as available in the FAST/TOOLS engineering module. OPC UA clients can navigate
through this hierarchy and in this way “drill down” until the desired (sub)item(s) have been
found.
Root Objects folder

FAST/TOOLS OPC UA Server OPC UA server information model
The FAST/TOOLS address space root is presented from the OPC UA address space
Objects folder.
• Root
• Objects
• Start FAST/TOOLS address space
Sections
FAST/TOOLS sections are represented as folders in the OPC UA address space.
Items
FAST/TOOLS Items consists of many properties. Many properties are set during configu-
ration (static) and have no dynamic behaviour. Other properties are dynamic during runt-
ime. The following table shows how FAST/TOOLS Item properties are mapped to their
relative OPC UA Object Type Nodes.

FAST/TOOLS FAST/TOOLS DSS Field OPC UA Static/ NOTE

HMI(SET) Object Type Node Dynamic
Item property
Blocked ITM_VAL:BLOCKED Blocked D
Comment1 ITEM_DF:COMMENT_1 Comment1 D
Comment2 ITEM_DF:COMMENT_1 Comment2 D
Internal calc ControlStatus D
Sub-item type SUB_ITEM_DF:SUB_TYPE SubItemType S
Trending Low ITEM_DF:TREND_LOW_LI TrendLowerLimit D

MIT
Trending High ITEM_DF:TREND_UP_LIM TrendUpperLimit D

IT
Value format ITEM_DF:VALUE_FORMA ValueFormat D

T
Quality Code ITM_VAL:QUALITY FTQuality D
ITM_VAL:LOCK_TERMIN HMIInfo.LockTerminal D
AL
ITM_VAL:LOCK_USER HMIInfo.LockUser D
ITM_VAL:LOCK_LOCKED HMIInfo.Locked D
ITM_VAL:STATUS MergedStatusNumber D
Status Derived from STATUS MergedStatusText D
Internal item id ITEM_DF:ID_GROUP Id.Group S
Front-end node ITEM_DF:FRONT_END_N Id.Node S

ODE
Internal item id ITEM_DF:ID_NUMBER Id.Number S
Internal item id SUB_ITEM_DF:ID_SUBNO Id.SubNumber S

(subitem)
Offline ITM_VAL:OFFLINE Offline D
ITM_VAL:OPTION_STATU OptionalStatus D
S
Internal calc PercentValue D Only for

INTEGER
(sub) Item ITEM_DF:SECTION_PATH Section S

name
Internal calc Status.Color D
Internal calc Status.Mnemonic D
ITM_VAL:STATUS_NUMB Status.Number D
ER

Status Derived from NUMBER Status.Text D
SUB_ITEM_DF:SUB Sub S
Value ITM_VAL:ITEM_VALUE Value D
Internal ValueOverwrite D
ITEM_DF:ALARMING OffNormalAlarm See Boolean,

Alarms String
and Con-
ditions
ITEM_DF:ALARMING LevelAlarm See Real, Inte-

Alarms ger
and Con-
ditions
Table 10-1 FAST/TOOLS Item mapping
How UA NodeID from FAST/TOOLS entity is built up
Through the address space of an OPC-UA server each node is uniquely identified with a
NodeId., the FAST/TOOLS OPC-UA server builds the NodeId starting with the
FAST/TOOLS namespace ID of the entity. The leaves of the FAST/TOOLS entity are iden-
tified using their full named path (case sensitive). Each branch in the path is identified with
a sequence number. The NodeId is JSON formatted as string.
Example building a NodeId

FAST/TOOLS Item: “Test”. Property paths are derived from the FTItemType class.

FTItemType
Root Node:
Namespace id : 32
NodeId: {“nsid”:”32”}
Item “Value” property Node:
NodeId: {“0”:”Value”, “nsid”:”32”}
Item “HMIInfo.Locked” property Node:
NodeId: {“0”:”HMIInfo”,”1”:”Locked”, “nsid”:”32”}
Sub Items
FAST/TOOLS Items are mapped to OPC UA Objects types. The following table shows the
available mappings.
FAST/TOOLS OPC UA server type FAST/TOOLS item type
FTItemNumericSubType Sub Items

Table 10-2 FAST/TOOLS subitem mapping
Objects
Currently FAST/TOOLS Objects are not supported however all Items related to
FAST/TOOLS objects are available in the address space.
10.4.2 OPC UA server Alarms and Conditions
The FAST/TOOLS OPC UA server supports the OPC UA condition types mapping as
shown in Table 8
Condition Type FAST/TOOLS Alarm Type Node Name
ExclusiveLevelAlarmType Double, Integer LevelAlarm
OffNormalAlarmType Boolean, String OffNormalAlarm

Table 10-1 Alarm types

Figure 10-1 LevelAlarm and OffNormalAlarm shows the OPC UA server alarm
nodes. These node are available if alarming on a FAST/TOOLS item is enabled.
OPC UA Alarm Types information
LimitAlarmType
Reference NodeClass BrowseName DataType ValueRank TypeDefinition ModellingRule
HasSupertype ObjectType AlarmConditionType
HasProperty Variable HighHighLimit Double Scalar PropertyType Optional
HasProperty Variable HighLimit Double Scalar PropertyType Optional
HasProperty Variable LowLimit Double Scalar PropertyType Optional
HasProperty Variable LowLowLimit Double Scalar PropertyType Optional
Table 10-1 LimitAlarmType
LimitAlarmType is an abstract type used to provide a base Type for AlarmConditions with
multiple limits
Alarms can be modelled with multiple exclusive substates and assigned limits or they may
be modelled with nonexclusive limits that can be used to group multiple states together.
Four optional limits are defined that configure the states of the derived limit Alarm Types:
HighHighLimit, HighLimit, LowLimit, and LowLowLimit. These Properties shall be set
for any Alarm limits that are exposed by the derived limit Alarm Types. These Properties
are listed as optional but at least one is required. For cases where an underlying system can-
not provide the actual value of a limit, the limit Property shall still be provided, but will
have its AccessLevel set to not readable. It is assumed that the limits are described using
the same Engineering Unit that is assigned to the variable that is the source of the alarm.
For Rate of change limit alarms, it is assumed this rate is units per second unless otherwise
specified.

The Alarm limits listed may cause an Alarm to be generated when a value equals the limit
or it may generate the Alarm when the limit is exceeded, (i.e. the Value is above the limit
for HighLimit and below the limit for LowLimit). The FAST/TOOLS behaviour when the
value is equal to the limit is equal to exceeding the limit.
ExclusiveLimitAlarmType
Reference Node- Browse- DataType ValueRank TypeDefinition Model-

Class Name lingRule
Has- Object- LimitAlarm-

Supertype Type Type
Has- Variable ActiveState Localized- Scalar TwoStateVariable- Manda-

Component Text Type tory
HasCompo- Object LimitState ExclusiveLimit- Manda-

nent StateMachineType tory
Table 10-2 ExclusiveLimitAlarmType
ExclusiveLimitAlarmType is used to specify the common behaviour for Alarm Types with
multiple mutually exclusive limits.
The LimitState is a Substate of the ActiveState and has a IsTrueSubstate reference to the
ActiveState.
Object LimitState
The Object LimitState represents the actual limit that is violated in an ExclusiveLimi-
tAlarm.
When the ActiveState of the AlarmConditionType is inactive the LimitState shall not be
available and shall return NULL on read. Any Events that subscribe for fields from the
LimitState when the ActiveState is inactive shall return a NULL for these unavailable
fields.
ExclusiveLevelAlarmType
Reference NodeClass BrowseName DataType ValueRank Type Model-

Definition lingRule
Has- ObjectType ExclusiveLimitAlarm-

Supertype Type
Table 10-3 ExclusiveLevelAlarmType
The ExclusiveLevelAlarmType is a special level Alarm utilized with multiple mutually

exclusive limits.
A level Alarm is commonly used to report when a limit is exceeded. It typically relates to
an instrument – e.g. a temperature meter. The level Alarm becomes active when the
observed value is above a high limit or below a low limit.

DiscreteAlarmType

Definition lingRule
Has- ObjectType AlarmCondition-

Supertype Type
Table 10-4 DiscreteAlarmType
Used to classify Types into Alarm Conditions where the input for the Alarm may take on
only a certain number of possible values (e.g. true/false, running/stopped/terminating).
OffNormalAlarmType

Definition lingRule
Has- ObjectType Discrete-

Supertype AlarmType
Has- Variable NormalState NodeId Scalar PropertyType Mandatory

Property
Table 10-5 OffNormalAlarmType
The OffNormalAlarmType is a specialization of the DiscreteAlarmType intended to repre-

sent a discrete Condition that is considered to be not normal.
This subtype is usually used to indicate that a discrete value is in an Alarm state, it is active
as long as a non-normal value is present.
Variable NormalState
The NormalState Property is a Property that points to a Variable which has a value that cor-
responds to one of the possible values of the Variable pointed to by the InputNode Property
where the NormalState Property Variable value is the value that is considered to be the nor-
mal state of the Variable pointed to by the InputNode Property. When the value of the Vari-
able referenced by the InputNode Property is not equal to the value of the NormalState
Property the Alarm is Active. If this Variable is not in the AddressSpace, a Null NodeId
shall be provided.
Using UaExpert, FAST/TOOLS OPC UA alarms can be monitored and acknowledged.
10.4.3 OPC UA server Historical Data Access (HDA)
FAST/TOOLS items are represented as UA objects in the address space. UA Objects con-
tains properties and one of the properties is “Value”. The Value property is type of Variable
Node. All UA nodes (Properties) have attributes, Access Level and User Access Level
attributes shows History Read flag and Historizing attribute is true if the Item in
FAST/TOOLS is configured for historization.
UaExpert can be used to observe the attributes (Access Level and User Access Level) to
find out HDA support for the selected variable of FAST/TOOLS item object.

The attributes of the selected Node is as shown below.
To view historical data samples in trend view of UaExpert, drag and drop UaNode which
has History Read flag from address space tree view to the configuration window of history
trend view. Next the start time and end time can be applied for which to view history trend
and finally click on the update button to see historical trend view.

User can configure MaxHistoryNextCalls, ReadModified, NumberValuePerNode and

ReturnBound in Configure UaExpert option.
Even though the default value of NumberValuePerNode is 10000, FAST/TOOLS OPC UA

Server supports maximum value of 5000 NumberValuePerNode with continuation point.
The default value of ReturnBound is true. Bound values will be included if ReturnBound
value is true and bound values will be excluded if ReturnBound value is false.

Trouble shooting FAST/TOOLS OPC UA Server
10.5.1 No connection
If FAST/TOOLS is not running on the host machine, the client will time out and show an
error in the logging window. After starting FAST/TOOLS the client should be able to (auto-
matically) connect to the FAST/TOOLS OPC UA server.
It can also happen that a valid user/password is needed to connect to the FAST/TOOLS
OPC UA server. See 7 for information about user authentication.
10.5.2 Fire wall
The FAST/TOOLS OPC UA server uses one TCP/IP port: 34493. Be sure that the fire wall
is not blocking this port.
10.5.3 No entities are visible
FAST/TOOLS entities (item, section or object) needs to have the “OPC Visible” checkbox
checked to be visible and accessible for an OPC UA client.

FAST/TOOLS OPC UA Server FAST/TOOLS OPXUAS setup file
10.6 FAST/TOOLS OPXUAS setup file

The server uses a FAST/TOOLS setup (.sup) file for optional configurations.
File path name: /tls/sup/opxuas.sup
10.6.1 General TAB:
KEYWORD : FTFW_DUR_QUEUE_SIZE = <Message queue size in Kilobytes>

Determines the amount of messages that can be queued at once for an FAST/TOOLS pro-
cess.
KEYWORD : FTFW_MAX_HEART_BEAT_TIME = <interval in milliseconds>

Configures Maximum heart beat interval, milliseconds.
The FAST/TOOLS process has a so called heartbeat. This heart beat is in fact a DUR mes-
sage that is sent periodically to trigger the process in question to perform a periodic action.
The maximum heart beat value of the process sets the maximum speed at which the mean
loop will process messages.
Note:
FTFW_MAX_HEART_BEAT_TIME should be used to tune the BUS/FAST message
(queue load) handling. The BUS/FAST queue load can be monitored in the FAST/TOOLS
performance monitor.
KEYWORD : FTFW_MIN_HEART_BEAT_TIME = <interval in milliseconds>

Configures Minimum heart beat interval, milliseconds.
The FAST/TOOLS process has a so called heartbeat.
question to perform a periodic action. The minimum heart beat value of the process sets
the minimal speed at which the main loop will process messages
KEYWORD : FTFW_THROTTLE_PERCENTAGE
Configures Heartbeat throttle , %
Throttle percentage for read and write queues. If the read or write queue is filled by at least
this percentage the heart-beat will increase.
Note:
FTFW_THROTTLE_PERCENTAGE is currently not used by the FAST/TOOLS OPC UA
server. FTFW_MAX_HEART_BEAT_TIME should be used to
Some extra notes on threads used by the FAST/TOOLS OPC UA server

FAST/TOOLS OPXUAS setup file FAST/TOOLS OPC UA Server
The Main “FAST/TOOLS message interface thread”

This thread is the first thread that becomes active. In this thread all start-up, initial-
ization and shutdown actions are handled. This thread also is responsible for read-
ing the DUR message queue of the server and handling the DUR messages residing
in this queue. Among others, the ITEM/FAST event messages, signalling item
attribute updates, are handled by this thread. When this thread ends, the application
will be ended.
DSS thread
This thread reads and handles DSS events. DSS events become available when a
subscription for DSS events of a specific dataset is active and changes are made to
the dataset records. DSS event subscriptions are active for the following datasets;
Dataset name Usage
ALARM_CURRENT_DF For handling alarms
NAME_DF For handling Model Change Events
NAME_BROWSE Browsing through the FAST/TOOLS address space
SECTION_DF Reading section information
OBJECT_DF Reading object information
ITEM_DF Reading item information
SUB_ITEM_DF Reading sub item information

Table 10-1 DSS event subscriptions
GIN Thread
This thread handles GIN event generation and GIN clean-up. GIN events are gen-
erated when (Item) attribute subscriptions are active and attribute values within
FAST/TOOLS are changed.
KEYWORD : FTFW_FILE_TRANSFER_CHUNK_SIZE = <File transfer chunk size in

Kbytes>
Configures File transfer chunk size, Kbytes.
This parameter sets the size of a chunk used to transfer a file between two BUS/FAST
nodes.The default value is 18K, which is also the maximum value. The minimum value is
1K. A large value gives file transfer a higher priority compared to other messages
exchanged between the nodes. A lower value gives file transfer a lower priority. However,
a lower value will increase the time to transfer the file. Thus it is a tradeoff between the
transfer performance and the influence on other node.
Note:
FTFW_FILE_TRANSFER_CHUNK_SIZE is currently not used by the FAST/TOOLS
OPC UA server.

FAST/TOOLS OPC UA Server FAST/TOOLS OPXUAS setup file
10.6.2 OPC UA Server TAB:
KEYWORD : OPXUAS_OPTIONAL_NODES
Enable OPC UA Optional nodes.
If checked, optional nodes are returned during browse
KEYWORD : OPXUAS_MODEL_CHANGE_EVENTS
Enable OPC UA model change events.
If checked, model change event are enabled.
Model change event are triggered by changes to the FAST/TOOLS configuration. E.g.
when a user changes a property of an item, adds or deletes a section, a model change event
is send to client if that entity belongs to the FAST/TOOLS OPC UA configuration.
KEYWORD : OPXUAS_USE_NAME_NODEIDS
Use FAST/TOOLS entity names for node IDs.
By default a node ID will be a unique number that identifies the entity, which reduces the
network overhead between client and server when compared to passing the entire name for
every request. Selecting this option will use the entity name instead of a unique number,
which can be useful in case engineering changes require repeated inserts and deletes of the
same entities. These actions result in new IDs being generated, a situation that can be unde-
sirable for clients that wish to maintain the same reference regardless of server-side engi-
neering changes.
KEYWORD : OPXUAS_USE_DYNAMIC_SCANRATE
Request fast scanning of items served by the OPC UA server.
This option is useful when serving items from field equipment that are not alway presented
to the user, such as tuning parameters. Items can be scanned at a lower frequency if they are
not currently used to reduce network overhead to the field. This option will request items to
be scanned at a faster rate to improve frequency and accuracy of value updates to the client.
NB: This option is only supported in case the equipment manager to which the item is
related supports fast scanning. For equipment managers that do not support fast scanning,
this option will be ignored.
KEYWORD : OPXUAS_SOURCE_TIME_STAMPS
Enable OPC UA Data updates with FAST/TOOLS source timestamps.
NOTE that these are second based (nnn.000)
If checked, source timestamps are enabled
KEYWORD : OPXUAS_VARIABLE_CACHE_SIZE = <Variable cache size>

FAST/TOOLS OPXUAS setup file FAST/TOOLS OPC UA Server
Configures Variable cache size.

This parameter sets the size of the variable cache. The default value is set to 100000. Each
monitored item need approximate 16 variables (for each attribute). When exceeding
100000/16 (6250) monitored items and performance decreases, this parameter can be
increased.
10.6.3 Logging TAB:
KEYWORD : FTFW_LOG_LEVEL = <option>

Logging level
OPTIONS = None, High, Medium, Low
Set the logging/trace level
Possible options are:
• None - No logging
• High - Most detailed logging.
• Medium - Medium logging level.
• Low - Low level logging.
By default None is assumed.
Activating this option can a large impact on the run-time speed
KEYWORD : FTFW_LOGFILE_SIZE = <Loggging file size in Mbytes>

Configures logging file size, Mbytes.
This parameter sets the maximum logging file size in Mbytes for the FAST/TOOLS pro-
cess. If the logging file size exceeds the maximum the current logging file is closed,
renamed to <logfile>.old and a new logging file is created. The log file can be found at:
\tls\log\OPXUAS.log
KEYWORD : FTFW_LOG_TO_SCREEN
Write logger messages to screen.
If checked, logging messages are also written to screen
OPXUAS.sup file Default values
FTFW_DUR_QUEUE_SIZE = 500
FTFW_MAX_HEART_BEAT_TIME = 50
FTFW_MIN_HEART_BEAT_TIME = 2
FTFW_THROTTLE_PERCENTAGE = 30
FTFW_LOG_LEVEL = None

FAST/TOOLS OPC UA Server OPC-UA Server toolkit configuration file
FTFW_LOGFILE_SIZE = 10
FTFW_LOG_TO_SCREEN = NO
FTFW_FILE_TRANSFER_CHUNK_SIZE = 18
OPXUAS_OPTIONAL_NODES = NO
OPXUAS_MODEL_CHANGE_EVENTS = NO
OPXUAS_SOURCE_TIME_STAMPS = NO
OPXUAS_VARIABLE_CACHE_SIZE = 100000
10.7 OPC-UA Server toolkit configuration file

To configure the FAST/TOOLS OPC UA server the ServerConfig.xml file is used. Next the
FAST/TOOLS OPC UA server defaults of the ServerConfig.xml are listed. System integra-
tors can change these settings to meet the project requirements like port number and
authentication options.
File path name: /tls/exe/ServerConfig.xml
10.7.1 Trace
<UaAppTraceFile>C:\ProgramData\Yokogawa\FAST_TOOLS_UA_SERVER\logs\UaSd-
kCppBundleEval/FAST_TOOLS_UA_SERVERserver.log
Rejected cedrtificates: <RejectedCertificatesDirectory>C:\Program-
Data\Yokogawa\FAST_TOOLS_UA_SERVER/pkiserver/rejected
10.7.2 <SerializerType>Binary
URL of the Endpoint

This URL is used for Discovery and to open the Endpoints in the UA stack if no StackUrl is
configured.
[NodeName] can be used as placeholder for the computer name. -->
<Url>opc.tcp://[NodeName]: 34493
Note 34493 is the official FAST/TOOLS OPC UA server port number.
10.7.3 SecuritySettings
<SecurityPolicy>http://opcfoundation.org/UA/SecurityPolicy#None</SecurityPolicy>
<MessageSecurityMode>None
<SecurityPolicy>http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15</Security-
Policy>
<MessageSecurityMode>Sign
<MessageSecurityMode>SignAndEncrypt
<SecurityPolicy>http://opcfoundation.org/UA/SecurityPolicy#Basic256</SecurityPolicy>
<MessageSecurityMode>Sign

OPC-UA Server toolkit configuration file FAST/TOOLS OPC UA Server
<MessageSecurityMode>SignAndEncrypt
10.7.4 OpenSSLStore:
<CertificateTrustListLocation>C:\Program-
Data\Yokogawa\FAST_TOOLS_UA_SERVER/pkiserver/trusted/certs
<CertificateRevocationListLocation>C:\Program-
Data\Yokogawa\FAST_TOOLS_UA_SERVER/pkiserver/trusted/crl
<IssuersCertificatesLocation>C:\Program-
Data\Yokogawa\FAST_TOOLS_UA_SERVER/pkiserver/issuers/certs
<IssuersRevocationListLocation>C:\Program-
Data\Yokogawa\FAST_TOOLS_UA_SERVER/pkiserver/issuers/crl <ServerCertifi-
cate>C:\ProgramData\Yokogawa\FAST_TOOLS_UA_SERVER/pkiserver/own/certs/FAS
T_TOOLS_UA_SERVERserver.der <ServerPrivateKey>C:\Program-
Data\Yokogawa\FAST_TOOLS_UA_SERVER/pkiserver/own/pri-
vate/FAST_TOOLS_UA_SERVERserver.pem
10.7.5 Server instance information

<ServerUri>urn:[NodeName]:Yokogawa:FASTTOOLS_UA_SERVER</ServerUri>
<ServerName>FASTTOOLS_UA_SERVER@[NodeName]</ServerName>

10.7.6 Build information


<ProductUri>urn:Yokogawa:FASTTOOLS_UA_SERVER</ProductUri>
<ManufacturerName>Yokogawa</ManufacturerName>
<ProductName>OPC UA Server for FASTTOOLS</ProductName>
<SoftwareVersion>0.2.0</SoftwareVersion>
<BuildNumber>1</BuildNumber>

10.7.7 User authentication


<UserIdentityTokens>

<EnableAnonymous>true</EnableAnonymous>

<EnableUserPw>true</EnableUserPw>

<EnableCertificate>false</EnableCertificate>

FAST/TOOLS OPC UA Server OPC-UA Server toolkit configuration file
</UserIdentityTokens>

10.7.8 StackThreadPoolSettings



<Enabled>true</Enabled>

<MinThreads>5</MinThreads>

<MaxThreads>100</MaxThreads>

<MaxJobs>400</MaxJobs>

<BlockOnAdd>true</BlockOnAdd>


Discovery and Security Configuration FAST/TOOLS OPC UA Server
10.8 Discovery and Security Configuration

The information contained in this chapter is based on the Unified Automation SDK docu-
mentation. The text and figures contained in this chapter are copyright Unified Automation
GmbH and reproduced with kind permission.
10.8.1 SDK Specific Configuration
The following page describes the general OPC UA concepts for Discovery and security
configuration.
Please refer to the following pages for SDK specific information:
Server side:
Server Configuration (XML configuration file, INI configuration file)
Client side:
Security Configuration, Getting Started Lesson 4: Discovery and Secure Connection
10.8.2 General Concept
To connect to a server, a client needs information like network address, protocol, and secu-
rity settings. For this purpose, OPC UA defines a set of discovery features.
All information which is required to establish a connection between client and server is
stored in a so-called endpoint. A server can provide several endpoints, each containing
• Endpoint URL (protocol and network address)
• Security Policy (name for a set of security algorithms and key
length)
• Message Security Mode (security level for exchanged messages)
• User Token Type (types of user authentication supported by the
server)
If several OPC UA servers exist, a Discovery Server can be used to provide information of
available servers. Servers can register at the Discovery Server. Clients may then request a
list of all available servers from the discovery server and then use the GetEndpoints service
to get connection information from a server.

FAST/TOOLS OPC UA Server Discovery and Security Configuration
The initial configuration on client and server side, the different options to find available
servers, and the connection establishment between client and server is described in the fol-
lowing sections.
10.8.3 Certificates, Certificate Store and Trust List
To identify itself to communication partners, each installed OPC UA application or devices

needs an Application Instance Certificate and an associated public/private key pair. The
public key is distributed with the certificate. The private key has to remain secret and is
used to sign and/or encrypt messages. A communication partner can use the public key to
verify the trust relation, check the signature of messages, and encrypt messages. The Appli-
cation Instance Certificate, including the public and private key, can either be generated by
the application or provided by an administrator.
Certificates are filed in a Certificate Store, containing separate locations for trusted and
own certificates, as well as certificates from certificate authorities used to verify certificate
chains. An additional rejected location may contain certificates of applications that tried to
connect but are not trusted yet.
Certificates issued by the application are called self-signed certificates. They are typically
generated during installation of the application or at first start. To establish a trust relation
between an OPC UA client and server, the self-signed certificates of the communication
partner are installed to the trust list. The client certificate is installed to the trust list of the
server and the server certificate to the trust list of the client. If the certificate of an applica-
tion is removed from the trust list, a communication establishment is no longer possible.
Certificates signed by Certificate Authorities (CA) enable central trust management for a
group of OPC UA applications or devices. In this case, just the CA certificate must be
installed to the trust list of the OPC UA applications. After the CA certificate is installed,
all other applications with certificates signed by the CA are able to communicate with each
other. To be able to exclude previously trusted applications from the communication, the
CA maintains a Certificate Revocation List (CRL). Each installed CA certificate must have
an associated, up-to-date CRL installed. This CRL is required for a verification of the trust
relation. The OPC UA Global Discovery Server definition provides a mechanism for cen-
tral management of CA signed certificates and update of the corresponding CRLs. CA cer-
tificates can build a chain, e.g. a root CA for a company, a CA for a site where the site CA

is signed by the root CA and a CA for a production line in the site. An OPC UA application
in the production line would only trust the CA for the production line. The other CA certif-
icates are only used to verify the chain.
A file based certificate store contains the following directories. Names and structure may
differ between applications.
• Own
Application Instance Certificate and private key of the application
• Trusted
Self-signed certificates of trusted OPC UA applications or CA certificates for
trusted CAs. Each CA certificate comes with a CRL that requires frequent updates.
• Issuers
CA certificates that are not directly trusted but required to verify a chain of CA cer-
tificates. Each CA certificate comes with a CRL that requires frequent updates.
In addition, there is typically a Rejected directory where the OPC UA application can store
certificates from other OPC UA applications that tried to connect but were not trusted.
Administrators can move certificates from Rejected to Trusted if the application is allowed
to connect.
10.8.4 Initial Server Configuration
The following figure shows the initial configuration of a server after installation.
The configuration consists of

• an application instance certificate identifying the server installation
• a certificate store, including a list of trusted and rejected application
instance certificates
• at least one endpoint (see below)

Endpoints
A server has to provide (at least one) endpoint(s) where clients can connect to. A client uses
the Discovery URL (normally identical to the Endpoint URL) to request the list of end-
points including the security configuration from a server. This request through the GetEnd-
points service always works without security. The Discovery URL is normally provided by
Discovery servers.
The Endpoint URL provides the basic information that clients need to connect to a server,
including the protocol, the host name or IP address, and the port number, e.g.
opc.tcp://localhost:48020. In addition, the client needs to know the following security
options configured on the server.
OPC UA defines Security Policies and a unique URI for each policy:
Security Policy URI
• Basic256Sha256
http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256
• Basic256
http://opcfoundation.org/UA/SecurityPolicy#Basic256
• Basic128Rsa15
http://opcfoundation.org/UA/SecurityPolicy#Basic128Rsa15
(no longer considered as secure)
• None
http://opcfoundation.org/UA/SecurityPolicy#None
Three Message Security Modes are supported:

• None
No security is applied.
• Sign
All messages are signed but not encrypted.
• Sign&Encrypt
All messages are signed and encrypted.
Note
For security reasons, the Security Policies Basic128Rsa15 and None as well as the Mes-
sage Security Mode None should be deactivated by default.
Currently, OPC UA supports the following User Identity Token Types
• Anonymous Identity Token

No user information is available.
• Username Identity Token

A user identified by user name and password.
• X.509 Identity Token

A user identified by an X509v3 Certificate.
• Issued Identity Token

A user identified by a WS-SecurityToken.
A typical set of endpoints could be:
Endpoint 1
• Endpoint URL opc.tcp://MyServer:48001

• Security Policy Basic256
• Message Security Mode Sign, SignAndEncrypt
• User Token Type Username, X.509
Endpoint 2
• Endpoint URL opc.tcp://MyServer:48001
• Security Policy Basic256Sha256
• Message Security Mode Sign, SignAndEncrypt
• User Token Type Username
Discovery Server
Servers may register at so-called Discovery Servers so that they can be discovered by cli-
ents. The registration process is described further on for the different Discovery options.
A Local Discovery Server (LDS) on a network node is only necessary if more than one
OPC UA server is available, e.g. on a Windows PC with several OPC UA servers installed.
In this case, the LDS is listening on port 4840, which is the IANA registered port for OPC
UA. OPC UA clients start the discovery process with FindServers using this port.
OPC UA servers on devices or other systems with just one server use port 4840 directly.
There is no need for a LDS in this case. Every OPC UA server implements the FindServers
service returning itself.
10.8.5 Initial Client Configuration
The following figure shows the initial configuration of a client after installation:

The configuration consists of

• an application instance certificate to identify the client application
• a certificate store, including a list of trusted certificates
• list of server endpoints (see below)
List of Server Endpoints

A client can find servers using the different Discovery options and retrieve the information
it needs to connect to a server via the OPC UA service GetEndpoints. To avoid having to
repeat this Discovery process before each connection attempt, most clients will store the
server endpoint information for a configured server.
10.8.6 Connection Configuration
Once a client has found the server it intends to connect to, the client is able to call GetEnd-
points. The server returns a list of endpoints it provides, including the security configura-
tion (see above) as well as its certificate (including the server’s public key).
For being able to establish a secure connection to the server, the client has to trust the
server’s certificate, i.e. the certificate has to be added to the trust list. Usually, a dialog win-
dow will open and prompt the user to examine the certificate and decide whether it should
be trusted.
The following screenshot shows the respective dialog window in UaExpert when trying to
connect to a server for the first time. It displays the content of the server’s certificate and
allows the user to decide whether to trust the certificate or not. If the user chooses “Trust
Server Certificate”, it is stored in the folder trusted/certs in UaExpert’s PKI certificate
store.

Having trusted the certificate, the client is able to check the signature of messages from the
server and encrypt messages to be sent to the server. After saving the endpoints to the
server connection list, the client configuration is finished.
Now the client can attempt to create a secure channel with the server, sending along its
Application Instance Certificate (including the public key of the client). This first connec-
tion attempt will be rejected, because the server doesn’t trust the client yet.

Trusting the client’s certificate is a manual step on the server. Usually, a server administra-
tor has to move the client certificate from the list of rejected to the list of trusted certifi-
cates.
When using the SDK Demo Server, this can be done using the administration tool as shown
in the following screenshot. The “Certificates” tab lists the certificates in the server’s Cer-
tificate Store. Certificates from the Trusted directory are shown as trusted and the certifi-
cates from the Rejected directory are shown as untrusted. UaExpert’s certificate is shown
as “Untrusted”. Right clicking on the certificate and choosing “Trust” from the context
menu moves the certificate from the folder rejected to trusted/certs in the server’s Certifi-
cate Store.
After this step, the server is configured.

The next attempt of the client to create a secure channel will succeed, and it is able to create
and activate a session with the server.
10.8.7 Discovery
Before a client can connect to a server, it needs to collect information. Therefore, OPC UA
defines three different discovery options:
• Local Discovery
• Multicast Subnet Discovery
• Global Discovery
Local Discovery
If a client does know that there are OPC UA servers running on a certain host, but doesn’t
have detailed connection information, it can construct a connection URL from the host
name and the standard OPC UA port 4840 (e.g. opc.tcp://localhost:4840 or opc.tcp://tar-
getHost:4840). This URL is then used to connect to the discovery server and to call Find-
Servers.
If more than one OPC UA server is installed on a system, a Local Discovery Server (LDS)
is running on port 4840. The LDS maintains a list of available servers which may be used

by servers to announce their existence to clients.
To be visible for local discovery, servers have to register at the LDS using either the
RegisterServer2 or the RegisterServer service. The registration with the LDS requires secu-
rity configuration. Therefore, the server certificate must be installed in the trust list of the
LDS.
If only one server is installed, a separate LDS is not necessary and the server itself will use
the port 4840 and will respond to FindServers returning itself.
Multicast Subnet Discovery
For situations where the client doesn’t know the available servers on the network, OPC UA
defines the use of mDNS, a standardized multicast extension to DNS also known as zero-
conf. mDNS defines mechanisms for name resolution without a central DNS server as well
as service discovery functionality. This ad-hoc discovery typically works only within a sub-
net.
For regular OPC UA applications, the functionality is provided by Local Discovery Servers
with multicast extension (LDS-ME). Servers registered with the LDS are automatically
announced via LDS-ME. Servers registered with RegisterServer2 can also provide a list of
server capabilities that can be used for filtering the list of available servers.
Another feature of an LDS-ME is the creation of a local cache with OPC UA servers
announced via mDNS.
Clients can retrieve this list by calling the service FindServersOnNetwork on the local
LDS-ME.
Global Discovery Server
The OPC UA Global Discovery Server (GDS) concept allows the configuration of a net-
work wide discovery of OPC UA servers that is not limited to a subnet like mDNS. In addi-
tion, it provides functionality for central certificate management including the distribution
of CA signed certificates and related Certificate Revocation Lists (CRL). A GDS is a com-
plete OPC UA Server and therefore provides the only secure discovery option.
For the discovery functionality, OPC UA servers must be registered as application with the
GDS when they are installed within the network. The registration requires security and
administrative rights on the GDS.

OPC UA clients can query the GDS for available servers using different filter options (like
capability filter of a string pattern matching on product or application URIs).
If the GDS is registered at different LDS-MEs in different subnets, the GDS can be found
by clients using FindServersOnNetwork on the local LDS-ME.
10.8.8 Certificate Management with GDS
OPC UA applications registered with a GDS can use the GDS also for central certificate
management.
The GDS can manage self-signed certificates, but the main use case is the management of a
Certificate Authority (CA), the generation of CA signed Application Instance Certificates,
and the distribution of the CA related Certificate Revocation Lists (CRL). More details
regarding Certificates can be found in Certificates, Certificate Store and Trust List.
The OPC UA interface DirectoryType provides application registration and discovery func-
tionality. The OPC UA interface CertificateDirectoryType of the GDS encapsulates a CA
or the communication with the CA and the related certificate management functionality.
The certificate management includes

• the initial set-up of an Application Instance Certificate
• regular updates of the trust list and CA related Certificate
Revocation Lists
• renewal of Application Instance Certificates
The initial application set-up requires administrative rights. The first step is the registration
of the client or server applications using DirectoryType::RegisterApplication. Registered
servers are returned in calls to DirectoryType::QueryServers.
The second step is the creation of a CA signed certificate. A call to CertificateDirectory-

Type::StartSigningRequest is used to send a certificate signing request to the CA. With this
method, the private key is kept in the client and server application and is only used to sign
the request. The CA uses the request to create and sign the public key. An alternative is the
creation of a private and a public key using the method CertificateDirectoryType::Start-
NewKeyPairRequest. After the request is processed by the GDS, the new certificate can be
used by the OPC UA application. The initial set-up also includes the initial transfer of the
trust list for the application from the GDS to the application.
Since a CA can revoke certificates, the application trust lists and the CA related Certificate
Revocation Lists (CRL) must be updated frequently. If the OPC UA application is a client
or a server with client functionality, the OPC UA application can use CertificateDirectory-
Type::GetTrustList to request the latest trust list and CRLs from the GDS OPC UA server.
This update model is called Pull Certificate Management.
For OPC UA servers without client functionality, the GDS concept defines also a server
side interface called ServerConfigurationType. It allows the management of the server cer-
tificate and the trust list through a standard interface. The management is done through a
GDS client that connects to the GDS on behalf of the server to manage and update the
server through the ServerConfiguration object.
This update model is called Push Certificate Management.
The ServerConfiguration object enables also remote certificate management without a

GDS by using tools like UaExpert.
All certificate management related functionality requires administrative rights and

encrypted communication channels.
End Of Document

Introduction Remote database copy
11 Remote database copy
11.1 Introduction
The existing ACCESS/FAST ODBC interface provides a method for
reading, updating and deleting FAST/TOOLS data set records. This
interface is ideal for reporting or implementing a custom user interface
through an ODBC enabled application. Due to the tight coupling
between this interface and the data sets that are served, applications
performing bulk operations or complex queries may reduce system
performance. Furthermore, the data set tables are presented as-is,
without any form of mapping, making some data visible that only really
has meaning to FAST/TOOLS internally but is not useful for external
applications.
The remote database copy function is intended to better serve

applications that want to perform complex queries on FAST/TOOLS
data and more efficient access to real-time generated data, such as third
party database applications. Rather than access FAST/TOOLS data sets
directly, the new function provides the capability of mapping
information from FAST/TOOLS into a set of duplicated target tables.
This has two advantages. Firstly only the data required by the target
application needs to be exposed. Secondly the application will access the
duplicated tables, not the data sets directly, thereby off loading the
FAST/TOOLS databases from any complex application operations.
11.2 Architecture
The database copy function consists of two main parts; the data capture
module DBCSND and the data exposure module DBCDEM. The data
capture module runs on the FAST/TOOLS server and subscribes to the
data that has been configured for mapping. The data exposure module
can run on the FAST/TOOLS server but also on the same system as the
target RDBMS or on a separate machine, depending on performance and
security requirements. In case you want to run the feature on a separate
node from the FAST/TOOLS server you will require a BUS/FAST and

Remote database copy Architecture
ACCESS/FAST license containing the “Remote database copy” license.

This module converts the subscribed data from the data capture module
into records for the target table format in an SQLite database. It is this
database that can be accessed from the target application.
11.2.1 Configuration
If your application has an SQLite driver you can access the target tables
by opening the “dbcd_out.db” file on the %TLS_SAV_PATH% folder
of the machine on which the data exposure module is running. More
commonly you will want to link the exposed tables to your RDBMS
directly so that they can be queried in the same way as other database
tables. In this case you should use the SQLite ODBC driver (provided
on the installation medium) to access the target tables and then access
this ODBC data source from your RDBMS. Using this method you can
use the linked server function of Microsoft SQLserver to get the target
table data into you database.
The Engineering module tree contains a new branch “Data exposure”
that makes it possible to select which data you want to make available
for your external database. Specific fields from data sets can be selected,
runtime item data or historical item data. This data will be mapped to a
target table which defines the table layout as seen from the external
database.
11.2.2 Item and history data
As well as subscribing to data set changes, item and historical data can
also be exposed.
When runtime item data is required, item updates will be aggregated and
updated at user-defined periodic intervals. The exposed table will be
updated periodically with the minimum, maximum, and average item
values, as well as a count of the number of data changes over that
interval.
When item history is required, the historical data will be polled from
FAST/TOOLS based on user-defined parameters such as polling rate
and number of samples. Item history records are provided in the target
table as one record per sampling interval, containing comma separated
timestamp/value pairs.
As well as reading data, item values can be written from the remote

Limitations Remote database copy
database. For this purpose a separate table is used . By writing to the

“dbcd_in.db” located on the %TLS_SAV_PATH%, item value, status
and quality can be updated. In case the database application wants to
calculate derived values or combine FAST/TOOLS data with other
application data, this mechanism allows results to be written to items so
they can be stored and presented in FAST/TOOLS.
11.3 Limitations
The database copy function currently has the following limitations:
• Currently only the Windows platform is supported
• Item history data does not support retrieval from specific history
groups or storage types.
• Since the table is locked for writing when is data updated there may
be a delay of at least 10 seconds after writing before the new data
can be read from the table by the application
It is not possible to insert, update or delete data set information or

historical data in FAST/TOOLS using this interface. If this function is
required consider using the classic ODBC interface or quickload
mechanism.

Remote database copy Limitations

YOKOGAWA ELECTRIC
CORPORATION
9-32 Nakacho 2-chome,
Musashino-shi,
Tokyo 180-8750, Japan
tel: +81-422-52-5616
email:
GSC_Sales@ml.jp.yokogawa.com
Reader’s Comment
Manual name: ......................................................................................Version: .........................
Did you find this manual understandable, usable, well organized? Please make suggestions for
improvement.
.....................................................................................................................................................
.....................................................................................................................................................
.....................................................................................................................................................
.....................................................................................................................................................
.....................................................................................................................................................
.....................................................................................................................................................
.....................................................................................................................................................
.....................................................................................................................................................
.....................................................................................................................................................
Did you find any errors in this manual? If so, please specify the error and page number.
.....................................................................................................................................................
.....................................................................................................................................................
.....................................................................................................................................................
.....................................................................................................................................................
.....................................................................................................................................................
.....................................................................................................................................................
.....................................................................................................................................................
.....................................................................................................................................................
.....................................................................................................................................................
Note: Yokogawa will use comments submitted on this form at its own discretion.
Name:....................................................................................................Date ..............................
Organization: ...............................................................................................................................
Address: .......................................................................................................................................
City and Zip code:........................................................................................................................
Country: .......................................................................................................................................

Instruction Manual: Yokogawa

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Instruction Manual: Yokogawa

Uploaded by

Copyright:

Available Formats

Instruction ACCESS/FAST FAST/TOOLS

Manual System Integrator’s Manual

YOKOGAWA YOKOGAWA ELECTRIC CORPORATION

ACCESS/FAST System Integrator’s Manual iii

4.3.3 OPC server centric basic architectures ......... 4-4

iv ACCESS/FAST System Integrator’s

6.3.2 Server’s threads ............................................6-3

ACCESS/FAST System Integrator’s Manual v

7.6 Tricks and Tips ......................................................... 7-9

vi ACCESS/FAST System Integrator’s

9.9.7 Additional properties ....................................9-8

ACCESS/FAST System Integrator’s Manual vii

10.1.1 Definitions, Abbreviations and Acronyms . 10-1

viii ACCESS/FAST System Integrator’s

10.8 Discovery and Security Configuration ..................10-29

ACCESS/FAST System Integrator’s Manual ix

x ACCESS/FAST System Integrator’s

0.2 Intended Audience

0.3 Structure of this Document

0.4 Associated Documents

ACCESS/FAST System Integrator’s Manual 0-1

[2] HISTORY/FAST System Integrator’s Manual

0-2 ACCESS/FAST System Integrator’s Manual

0.5 Conventions and abbreviations

ACCESS/FAST System Integrator’s Manual 0-3

0-4 ACCESS/FAST System Integrator’s Manual

1.2 Functionality of ODBC

ACCESS/FAST System Integrator’s Manual 1-1

is possible to exchange information between FAST/TOOLS data sets

1.3 Architectural overview of ODBC

1.3.1 General overview of an ODBC interface

The general architectural overview of the ODBC concept is depicted in

1-2 ACCESS/FAST System Integrator’s Manual

ODBC enabled application

ODBC Driver Manager

data data data

Figure 1-1 Architectural overview of the ODBC concept.

ACCESS/FAST System Integrator’s Manual 1-3

1.3.2 ODBC configurations

Microsoft defines two different types of ODBC configurations: the

Server system Server system

Figure 1-2 General concept of a single-tier (left-hand side) and a

1-4 ACCESS/FAST System Integrator’s Manual

single In a single-tier implementation, one can distinguish the following

multiple In a multiple-tier implementation, one can distinguish the following

ACCESS/FAST System Integrator’s Manual 1-5

1.3.3 ODBC conformance levels

1.4 Components of the FAST/TOOLS ODBC

1-6 ACCESS/FAST System Integrator’s Manual

Client System A Client System B

ODBC Driver Manager ODBC Driver Manager

ODBC driver ODBC driver ODBC driver ODBC driver

Data Access Manager

Data Access Software Data Access Software

= ODBC enabled application, e.g. MS Excel

Figure 1-3 Architectural overview of FAST/TOOLS ODBC interface

ACCESS/FAST System Integrator’s Manual 1-7

1.4.2 Client system

As shown in Figure 1-3, the following applications and ODBC

ODBC enabled application environment

It should be noted that on client systems, the 32-bit address versions of

ODBC Driver Manager

The ODBC conformance levels of the third party software products