OPC-UA Connectivity Guide

• Overview
  • What is OPC-UA?
  • Why Use OPC-UA?
  • Who This Guide is For
• Compatible Machines
  • Common OPC-UA Equipment
  • Checking for OPC-UA Support
• Prerequisites
  • Hardware Requirements
  • Software Requirements
  • Information Needed
• Understanding OPC-UA
  • Architecture
  • Data Structure
  • Security Modes
  • Browsing OPC-UA Servers
• Physical Connection
• Enabling OPC-UA on Your Machine
  • Generic OPC-UA Setup
  • Siemens 828/840D SL Setup
  • Brother D-Series Setup
  • Bystronic Setup
• Adding the Machine in MachineMetrics
• Configuring Data Collection
  • Available Data Items
  • OPC-UA Adapter Scripts
  • Tags Configuration
  • Variables and Transformations
  • Data Mapping
• Sample Configurations
  • Siemens 840D Sample Script
  • Brother Sample Script
  • Generic Laser Cutter Script
• Certificate Management
  • Understanding Certificates
  • Accepting Certificates
• OEM-Specific Notes
  • Siemens Sinumerik 828/840D SL
  • Brother D-Series CNC
  • Bystronic
  • Fanuc Robots
  • Other OPC-UA Equipment
• Troubleshooting
  • Connection Issues
  • Authentication Failures
  • Certificate Errors
  • No Data Appearing
  • Firewall Issues
• Best Practices
• Additional Resources
• Getting Help

---

Overview

Siemens 840D sl CNC control panel. Siemens CNC controls (840D sl) use OPC-UA for connectivity, while 840D PL controls require BFC Gateway or I/O. Brother D-Series machines also use OPC-UA.

What is OPC-UA?

OPC-UA (Open Platform Communications Unified Architecture) is a platform-independent, service-oriented architecture for secure and reliable exchange of data in industrial automation. It's an industry standard that ensures seamless information flow among devices from multiple vendors.

Key Characteristics:

• Platform-independent (Windows, Linux, embedded systems)
• Secure communication (encryption, authentication, certificates)
• Rich data modeling capabilities
• Service-oriented architecture
• Maintained by the OPC Foundation

Important Note: Unlike MTConnect or FOCAS, OPC-UA does not standardize the meaning of data points. Each machine make, model, and configuration can have different data structures. This means OPC-UA connections require more initial configuration but provide great flexibility.

Why Use OPC-UA?

When OPC-UA is the Best Choice:

• Machine/controller natively supports OPC-UA
• Need secure, encrypted communication
• Connecting PLCs or automation equipment
• Equipment doesn't support other protocols (FOCAS, MTConnect)
• Connecting diverse equipment types (welders, presses, robots)

Advantages:

• Industry-standard protocol
• Secure by design
• Rich data modeling
• Platform-independent
• Widely supported by automation vendors

Challenges:

• Requires understanding of machine's data model
• Need data map/tag list from manufacturer
• More complex initial configuration
• Certificate management may be required

Who This Guide is For

This guide is for:

• Engineers connecting OPC-UA-capable equipment
• IT personnel configuring secure OPC-UA connections
• Anyone connecting Siemens, Brother, or other OPC-UA machines
• PLC programmers and automation specialists
• System integrators working with diverse equipment

---

Compatible Machines

Common OPC-UA Equipment

CNC Machine Controls:

• Siemens Sinumerik 828D / 840D SL (with OPC-UA license)
• Brother D-Series CNC machines
• Some FANUC robots
• Various DMG MORI machines
• Other modern CNC controls

Manufacturing Equipment:

• Bystronic laser cutters and press brakes
• Industrial robots (ABB, KUKA, Fanuc)
• Automated assembly equipment
• Process machinery

Automation & PLCs:

• Siemens S7 PLCs
• Allen-Bradley (via gateway)
• Beckhoff controllers
• B&R Automation
• Many others

Third-Party OPC-UA Servers:

• Kepware (common gateway/adapter)
• MatrikonOPC
• Softing OPC servers
• Custom implementations

Checking for OPC-UA Support

Check with Manufacturer:

• Consult machine documentation
• Contact machine tool builder support
• Verify control version and options installed
• Ask if OPC-UA license is required

Check on Machine:

• Look for OPC-UA in control settings/menus
• Check license page for OPC-UA option
• Review control software version for OPC-UA support

Verify with Tools:

• Use OPC-UA client software to attempt connection
• Try connecting to opc.tcp://[machine-ip]:4840
• Common ports: 4840, 4855, 49320, 56000 (varies by implementation)

---

Prerequisites

Hardware Requirements

• Machine or equipment with OPC-UA server capability
• MachineMetrics Edge device (deployed and activated)
• Ethernet cable (CAT5/CAT6)
• Network access between machine and Edge device

Software Requirements

• OPC-UA server enabled on machine/controller
• OPC-UA license (if required by manufacturer)
• OPC-UA client tool for browsing (UaExpert, opcua-commander, etc.)
• Data map or tag list from machine manufacturer

Information Needed

Before starting, gather:

• Machine IP address
• OPC-UA port number (typically 4840)
• Username and password (if authentication required)
• Security mode and policy (if applicable)
• Data map/tag list showing:
  • Node IDs for relevant data
  • What each tag represents (status, part count, etc.)
  • Data types and units
• Certificate requirements (if any)

---

Understanding OPC-UA

Architecture

OPC-UA uses a client-server model:

Machine/Controller (OPC-UA Server)
     ↓
Network (TCP/IP)
     ↓
MachineMetrics Edge Device (OPC-UA Client)
     ↓
MachineMetrics Cloud

Components:

• Server: Runs on machine/controller, exposes data
• Client: MachineMetrics Edge device, reads data
• Address Space: Hierarchical structure of available data nodes
• Nodes: Individual data points with unique identifiers

Data Structure

OPC-UA data is organized in a tree-like address space with nodes.

Node ID Format:

• ns=2;s=/Channel/State/progStatus (string identifier)
• ns=3;i=1001 (integer identifier)
• ns=4;g=A7B3... (GUID identifier)

Where:

• ns = namespace index
• s = string identifier
• i = integer identifier
• g = GUID identifier

Data Types:

Simple Types:

• String, Boolean, DateTime
• Double, Float, Int32, Int64
• Guid, LocalizedString

Complex Types:

• Objects (structures with properties)
• Enumerations (predefined value sets)
• Arrays (ordered collections)

Example:

Node: ns=2;s=/Channel/State
  ↳ Property: progStatus (Int32)
  ↳ Property: opMode (String)
  ↳ Property: actParts (Int32)

Security Modes

OPC-UA supports multiple security configurations:

Mode	Description	Use Case
None	No encryption, no authentication	Testing, internal networks only
Sign	Data is signed (integrity)	Standard security
SignAndEncrypt	Data signed and encrypted	High security environments

Common Security Policies:

• None - No security
• Basic128Rsa15 - Older security standard
• Basic256 - Common standard
• Basic256Sha256 - Modern, recommended standard

Browsing OPC-UA Servers

Before configuring MachineMetrics, you need to browse the OPC-UA server to find relevant data nodes.

Option 1: GUI Client (Recommended for most users)

UaExpert (Free from OPC Foundation):

• Download: opcfoundation.org/products/view/uaexpert
• Windows only (7 or higher)
• Intuitive graphical interface
• Easy browsing of address space

Steps:

1. Install UaExpert
2. Add new server connection
3. Enter endpoint URL: opc.tcp://[machine-ip]:[port]
4. Connect (handle certificates if prompted)
5. Browse address space to find data nodes
6. Note node IDs for relevant data

Option 2: Command Line Client

uals (Python OPC-UA tools):

• Source: github.com/FreeOpcUa/python-opcua
• Cross-platform (Windows, Linux, macOS)
• Prints tree-like structure in plaintext

Usage:

uals -u opc.tcp://[address]:[port] -i [namespace_id] -d [tree_depth]

opcua-commander (Interactive terminal client):

• Source: github.com/node-opcua/opcua-commander
• Requires Node.js
• Interactive browsing capability

---

Physical Connection

Step 1: Connect Ethernet Cable

• Plug cable into machine's Ethernet port
• For Siemens CNC: Typically X130 (company network port)
• For Brother: Standard network port on control
• Verify link lights

🔴 CRITICAL WARNING for Siemens CNC Machines:

• Always check your machine documentation for the correct port address
• Port designation varies by machine tool builder (X130 is common, but not universal)
• These machines have complex internal networks and PROFIBUS
• Connecting to the wrong port can BRICK the machine
• NEVER connect to system network ports (192.168.214.x or 192.168.215.x ranges)
• When in doubt, contact your machine tool builder

Step 2: Configure Network

• Set static IP on machine (recommended)
• Document IP address, subnet, gateway
• Ensure machine and Edge device are on same subnet or properly routed

Step 3: Test Connectivity

• Ping machine IP from Edge or computer
• Verify response
• Check firewall allows OPC-UA port

---

Enabling OPC-UA on Your Machine

Generic OPC-UA Setup

For machines with OPC-UA capability:

1. Verify License

   • Check if OPC-UA option is licensed
   • Purchase/install license if needed
   • Verify license is activated

2. Enable OPC-UA Server

   • Access machine settings/configuration
   • Look for OPC-UA, network, or communication settings
   • Enable OPC-UA server function

3. Configure Port

   • Default: 4840
   • Some implementations use different ports
   • Note the port for later

4. Set Authentication

   • Create username and password (if required)
   • Or enable anonymous access (testing only)
   • Document credentials

5. Configure Security

   • Select security mode (None, Sign, SignAndEncrypt)
   • Select security policy (None, Basic256, Basic256Sha256)
   • Balance security needs with compatibility

6. Restart/Reboot

   • Changes typically require restart
   • Follow manufacturer instructions

Siemens 828/840D SL Setup

Prerequisites:

• SINUMERIK Operate installed
• OPC-UA license: 6FC5800-0AP67-0YBO (purchased from Siemens)
• Manufacturer access level password
• Static IP from your IT team

Compatibility:

CNC Software Version	OPC-UA Version Supported
4.5	V2.2 and V3.0 SP1
4.07 SP2-SP5	V2.2 and V3.0 SP1
4.08 SP2-SP3	V2.2 and V3.0 SP1
4.92 and 4.92 HF2	V3.0 SP1

Step 1: Enable Manufacturer Access

1. Select Startup area (🔧 Setup icon)
2. Press Password → Set password
3. Enter manufacturer password: SUNRISE
4. Press OK
5. Status bar should show: "Access level: Manufacturer"

Note: If rejected, the OEM may have changed the default password. Contact machine builder.

Step 2: Set License

1. Go to Startup
2. Press Licenses soft key
3. Navigate to Access MyMachine / OPC UA
4. Check the box under Set
5. If license not available: Purchase from Siemens

Step 3: Set Company Network IP (X130 Port)

🔴 CRITICAL WARNING:

• X130 is the most common port, but always verify with your machine documentation
• Different machine tool builders use different port designations
• These machines have complex internal networks and PROFIBUS
• Connecting to the wrong port can BRICK your machine
• NEVER modify system network (192.168.214.x or 192.168.215.x ranges)
• When in doubt, contact your machine tool builder before proceeding

1. Select Diagnostics
2. Press menu forward key → Choose Bus TCP/IP
3. Select TCP/IP diagnostics → TCP/IP config
4. Select interface X130 (or your machine's designated company network port - verify in documentation)
5. Press Change
6. Set Address Type = Manual (for static IP)
7. Enter network settings:
   • IP Address: Assigned by IT team
   • Subnet Mask: From IT team
   • Gateway: Only if needed for routing outside subnet
8. Press OK
9. Restart the control (mandatory for changes to take effect)

Physical Port Location:

• On SINUMERIK 828D: Typically rear-panel Ethernet port labeled X130
• Verify port designation in your machine documentation
• Use shielded CAT5e/CAT6 cable
• Connect directly to company network switch

Step 4: Configure OPC-UA Server

1. In Startup area, navigate to: Network → OPC UA → Setting → Change

2. Connection Settings:

   • Verify Company network is selected
   • Confirm IP address (your Company IP)
   • TCP Port: 4840 (default, leave unchanged)

3. Authentication:

   • Admin User: Create username (e.g., OpcUaClient)
   • Password: Set secure password (needed for MachineMetrics connection)
   • Allow anonymous access: Uncheck (for security)
   • Accept certificates automatically: Check only for initial testing

4. Activation:

   • Check Activate OPC UA

5. Press OK → Save PCU settings

6. Restart OPERATE for changes to take effect

Step 5: Verify Connectivity

1. From PC on same network: ping [machine-ip]
2. In Startup → Network → OPC UA → Status
3. Confirm server lists Company IP (e.g., 10.1.0.46:4840)
4. Should show Status: OK

Step 6: Accept Certificates

When MachineMetrics Edge first connects:

1. Go to Startup → Network → OPC UA → Certificates
2. Under "Pending Certificates", select the client certificate
3. Press Accept
4. Status page should show connected clients

Step 7: Return to Normal Access Level

1. Go to Startup → Password → Set password
2. Press Cancel or enter user-level password
3. Status bar should return to "Access level: User"

Additional Resources:

• v4.05 SP3 Guide
• v4.07 SP2 Guide
• v4.08 SP1 Guide
• v4.08 SP2 Guide

Brother D-Series Setup

Step 1: Access Communication Menu

1. From main screen, press DATABANK soft key
2. Select 7. Communication parameter
3. Navigate to Ethernet/FTP settings

Step 2: Configure Static IP

⚠️ Important: Brother controls use special numeric format for IP addresses.

1. 0202 - Use DHCP → Set to No
2. 0203 - IP address → Enter IP as 12-digit number
   • Standard format: 172.22.3.34
   • Brother format: 172022003034 (no dots!)
   • Pad each octet to 3 digits
3. 0204 - Mask bit → Typically 255.255.255.0

Step 3: Configure Network Access

1. 0004 - Display slave command alarm → Set to No
2. 0216 - Restrict Ethernet access → Set to No

Step 4: Enable OPC-UA

Navigate to final Ethernet/FTP menu screen:

1. 0235 - OPC UA server function → Set to Valid
2. 0236 - Security communication for client → Set to 2: Type2
3. 0237 - OPC UA security communication → Set security level:
   • 0: No - No username/password (simplest)
   • 1-5 - RSA/AES encryption with authentication

Step 5: Save Settings

1. Press Save and end (bottom left)
2. Or use Overwrite save to continue editing

⚠️ Critical: If you don't save, all changes are lost on shutdown/reboot.

Step 6: Verify Connectivity

1. Press MONITR soft key
2. Select 3. Communication monitor
3. Look for Ethernet (OPC UA) in Port column
4. Message column should show:
   • Sending completed
   • Data sent
   • Output request received

Step 7: Check Ethernet Information

1. In MONITR menu, select Ethernet information
2. Verify displays:
   • IP Address (as configured)
   • Subnet Mask
   • Gateway
   • MAC Address
   • DHCP status

Connection String for MachineMetrics:

opc.tcp://[ip-address]:4840

Example: opc.tcp://10.103.112.62:4840

Sample Script: Brother OPC-UA Sample

Bystronic Setup

Step 1: Enable OPC-UA

1. Navigate to Modules → Administration → Advanced Settings
2. Find OPC-UA setting
3. Enable OPC-UA server

Step 2: Open Firewall Ports

Port 56000 (both TCP and UDP) must be open on both:

• Brake panel PC
• Server

Note: For network-level firewall configuration and Edge device requirements, see the Network Requirements Guide.

Creating Firewall Rules:

For TCP Port:

1. Open Control Panel on machine/server
2. System and Security → Windows Defender Firewall
3. Advanced Settings → Inbound Rules
4. Actions (right side) → New Rule
5. Select Port → Next
6. Select TCP → Enter 56000 for Specific Local Port → Next
7. Select Allow the connection → Next
8. Select Domain, Private, Public → Next
9. Enter name: Bystronic56000TCPPort → Finish

For UDP Port:

1. Actions → New Rule
2. Select Port → Next
3. Select UDP → Enter 56000 → Next
4. Allow the connection → Next
5. Select all profiles → Next
6. Enter name: Bystronic56000UDPPort → Finish

Step 3: Reboot

Reboot the entire machine (not just the PC) for changes to take effect.

Connection Port: 56000

---

Adding the Machine in MachineMetrics

Once OPC-UA is enabled and network is configured:

Step 1: Browse OPC-UA Server First

Before adding in MachineMetrics, use an OPC-UA client to:

• Verify you can connect to the server
• Browse available data nodes
• Document node IDs for relevant data
• Create data map/tag list

Step 2: Log into MachineMetrics

• Navigate to Assets → Machines
• Click Add Machine

Step 3: Enter Machine Details

• Machine Name: Descriptive name
• Make: Manufacturer
• Model: Machine model
• Select Edge Device: Choose your Edge

Step 4: Configure OPC-UA Adapter

• Adapter Type: Select OPC-UA
• Connection String: opc.tcp://[ip-address]:[port]
  • Example: opc.tcp://192.168.1.100:4840
• Username: If authentication required
• Password: If authentication required
• Security Mode: None, Sign, or SignAndEncrypt
• Security Policy: None, Basic256, Basic256Sha256
• Click Test Connection

Step 5: Verify Connection

• Test should return success
• If fails: Check connection string, credentials, firewall
• Click Save when successful

Step 6: Configure Adapter Script

This is where you define which data nodes to collect.

• See OPC-UA Adapter Scripts section
• Use YAML format to define tags, variables, and data items

---

Configuring Data Collection

Available Data Items

Data available through OPC-UA varies widely by implementation. Common items include:

Machine Status:

• Execution state (running, idle, stopped)
• Controller mode (AUTO, MDI, MANUAL)
• Alarm status

Program Information:

• Program name
• Line number
• Block counter

Production Metrics:

• Part count (various methods)
• Cycle time
• Run time

Machine Parameters:

• Spindle speed and load
• Feed rate and override
• Axis positions
• Tool number

Alarms & Diagnostics:

• Active alarms with codes
• Alarm history
• Diagnostic values

Custom Data:

• Process parameters
• Quality measurements
• Automation status
• Equipment-specific values

OPC-UA Adapter Scripts

MachineMetrics uses YAML configuration to map OPC-UA data to our standard model.

Script Structure:

version: 2
username: your-username  # If required
password: your-password  # If required
security-mode: Sign  # None, Sign, or SignAndEncrypt
security-policy: Basic256Sha256  # or Basic256, Basic128Rsa15, None

tags:
  # Define data nodes to monitor
  
variables:
  # Transform and model data
  
data-items:
  # Specify which items to send to MachineMetrics

Tags Configuration

Tags define references to specific nodes in the OPC-UA address space.

Simple Tag (Direct Value):

tags:
  spindle-speed:
    path: ns=2;s=/Nck/Spindle/actSpeed
  program-name:
    path: ns=2;s=/Channel/ProgramInfo/progName

Complex Type Tag (Object with Properties):

tags:
  part-quantity:
    path: ns=2;s=/Laser/CurrentPlan
    property: partQuantity

This retrieves the partQuantity property from the CurrentPlan object.

Variables and Transformations

Variables transform tag values into MachineMetrics standard model.

Pass-Through (No Transformation):

variables:
  spindle-rpm:
    - source: spindle-speed

State Transformation (Conditional Logic):

variables:
  execution:
    - source: prog-status
    - state:
      - INTERRUPTED: this == 1
      - STOPPED: this == 2 or this == 5
      - ACTIVE: this == 3 or this == 4
      - READY: true  # Fallback

Count on Value Change:

variables:
  part-count:
    - source: part-quantity
    - value-change
    - count

Mathematical Operations:

variables:
  execution:
    - source: laser-power
    - state:
      - ACTIVE: this > 0
      - READY: true

Data Mapping

After adapter script is configured, map data items in MachineMetrics:

Step 1: Edit Machine

1. Assets → Machines → [Your Machine]
2. Go to Data Mapping tab
3. Click Refresh List to see new items

Step 2: Map Each Data Item

For each data item from your script:

• Select Type (e.g., "Part Count", "Sample", "Event")
• Select Subtype (e.g., "Actual", "Speed", "Status")
• Assign Component (e.g., "Spindle", "Controller")
• Add Display Name (human-readable description)

Step 3: Save Mappings

• Review all mappings
• Click Save Changes
• Data will now flow to MachineMetrics dashboards and reports

---

Sample Configurations

Siemens 840D Sample Script

version: 2
username: OpcUaClient
password: YourSecurePassword
security-mode: Sign
security-policy: Basic256Sha256

tags:
  tool-group:
    path: ns=2;s=/Channel/State/actToolIdent
  tool-num:
    path: ns=2;s=/Channel/State/actTNumber
  line-number:
    path: ns=2;s=/Channel/ProgramInfo/actLineNumber
  spindle-load:
    path: ns=2;s=/Nck/Spindle/driveLoad
  prog-status:
    path: ns=2;s=/Channel/State/progStatus
  controller-op-mode:
    path: ns=2;s=/Bag/State/opMode
  spindle-speed:
    path: ns=2;s=/Nck/LogicalSpindle/actSpeed
  last-alarm-number:
    path: ns=2;s=/Nck/LastAlarm/alarmNo
  feed-rate:
    path: ns=2;s=/Channel/MachineAxis/actFeedRate
  prog-name:
    path: ns=2;s=/Channel/ProgramInfo/progName
  act-parts:
    path: ns=2;s=/Channel/State/actParts
  feedrate-ovr:
    path: ns=2;s=/Channel/MachineAxis/feedRateOvr

variables:
  execution:
    - source: prog-status
    - state:
      - INTERRUPTED: this == 1
      - STOPPED: this == 2 or this == 5
      - ACTIVE: this == 3 or this == 4
      - READY: true
  controller-mode:
    - source: controller-op-mode
    - state:
      - MANUAL: this == 0
      - MANUAL_DATA_INPUT: this == 1
      - AUTOMATIC: this == 2

data-items:
  - execution
  - controller-mode
  - spindle-speed
  - spindle-load
  - feed-rate
  - feedrate-ovr
  - last-alarm-number
  - line-number
  - tool-group
  - tool-num
  - prog-name
  - act-parts

Note: This script is valid for Siemens 828/840D SL controls. Node paths may differ for other machines.

Brother Sample Script

Sample configuration for Brother D-Series CNC machines available from MachineMetrics support.

Connection:

• Port: 4840
• Security: Typically Type2
• Format IP correctly in control (12-digit numeric)

Generic Laser Cutter Script

version: 2
tags:
  part-quantity:
    path: ns=2;s=Laser.CurrentPlan
    property: partQuantity
  laser-power:
    path: ns=2;s=Laser.CurrentLaserPower
  cut-state:
    path: ns=2;s=Laser.CurrentCutState

variables:
  part-count:
    - source: part-quantity
    - value-change
    - count
  execution:
    - source: laser-power
    - state:
      - ACTIVE: this > 0
      - READY: true

data-items:
  - execution
  - part-count
  - part-quantity
  - cut-state

Explanation:

• part-count: Counts each time part-quantity changes
• execution: ACTIVE when laser power > 0, otherwise READY
• Direct pass-through for part-quantity and cut-state

---

Certificate Management

Understanding Certificates

OPC-UA uses X.509 certificates for security:

• Server Certificate: Identifies the machine/server
• Client Certificate: Identifies MachineMetrics Edge
• Both sides must trust each other's certificates

Accepting Certificates

On Siemens Controls:

1. Startup → Network → OPC UA → Certificates
2. Pending certificates appear when client first connects
3. Select client certificate → Accept
4. MachineMetrics Edge must also trust server certificate (usually automatic)

On Other Controls:

• Process varies by manufacturer
• Check control documentation
• May auto-accept or require manual approval

Testing During Setup:

• Can enable "Accept certificates automatically" initially
• Disable after confirming connection works
• For production, use proper certificate validation

Certificate Errors:

• Usually appear as connection failures
• Check that certificates are accepted on both sides
• Verify certificate hasn't expired
• Check system time/date on both devices

---

OEM-Specific Notes

Siemens Sinumerik 828/840D SL

Key Points:

• Requires OPC-UA license purchase
• Typically uses X130 port (company network) - but always verify with your machine documentation
• CRITICAL: Different machine tool builders use different port designations
• Connecting to the wrong port can brick the machine - these machines have complex internal networks and PROFIBUS
• Never modify system network (192.168.214.x / 215.x)
• Default manufacturer password: SUNRISE
• Port: 4840
• Requires restart after configuration

Version-Specific Guides:

• Different Operate versions have slightly different menus
• See Additional Resources section for version-specific PDFs
• Always verify your Operate version first

Finding Operate Version:

1. Startup area → Version or Version display soft key
2. Look for "SINUMERIK Operate Version" (e.g., 4.7 SP2 HF3)

Brother D-Series CNC

Key Points:

• IP address format is 12-digit numeric (not standard dot notation)
• Port: 4840
• Security Type2 common
• Must save settings or they're lost
• Communication monitor confirms OPC-UA activity

IP Format Examples:

• 172.22.3.34 → Enter as 172022003034
• 10.1.50.200 → Enter as 010001050200
• Pad each octet to exactly 3 digits

Verification:

• Use Communication monitor to verify OPC-UA activity
• Ethernet information screen confirms IP settings

Bystronic

Key Points:

• Port: 56000 (not standard 4840)
• Requires both TCP and UDP firewall rules
• Must reboot entire machine (not just PC)
• Enable in Modules → Administration → Advanced Settings

Unique Port:

• Bystronic uses port 56000 instead of standard 4840
• Must open both TCP and UDP for this port

Fanuc Robots

Key Points:

• Fanuc robots support OPC-UA
• Typically port 4880
• Requires network configuration on robot controller
• Data structure varies by robot model

Contact:

• Fanuc robot support for specific configuration
• MachineMetrics support for adapter script assistance

Other OPC-UA Equipment

Generic Process:

1. Verify OPC-UA is licensed and enabled
2. Determine port number
3. Get data map from manufacturer
4. Use OPC-UA client to browse server
5. Create adapter script based on relevant nodes
6. Work with MachineMetrics support for script development

---

Troubleshooting

Connection Issues

Problem: Can't connect to OPC-UA server

Diagnostic Steps:

1. Verify Network Connectivity

   • Ping machine IP from Edge or computer
   • If ping fails: network problem
   • If ping succeeds: OPC-UA configuration issue

2. Test with OPC-UA Client

   • Use UaExpert or similar tool
   • Try connecting from a computer on same network
   • Try endpoint: opc.tcp://[machine-ip]:[port]
   • If client can't connect: OPC-UA not properly enabled

3. Verify Port Number

   • Common ports: 4840, 56000 (Bystronic), 49320 (Kepware), 4880 (Fanuc robots)
   • Check machine documentation
   • Try different ports if unsure

4. Check Firewall

   • Windows Firewall on control may block OPC-UA port
   • Temporarily disable to test (re-enable after)
   • Or create firewall rule for OPC-UA port

5. Verify OPC-UA Service

   • Check that OPC-UA server is enabled on machine
   • May be in license settings, network settings, or services

Authentication Failures

Problem: Connection fails with authentication error

Solutions:

1. Verify Credentials

   • Double-check username and password
   • Case-sensitive
   • No extra spaces

2. Check Authentication Settings

   • Verify username/password is configured on machine
   • Some machines require creating OPC-UA user account
   • Check if anonymous access is enabled (for testing)

3. Security Mode Mismatch

   • Verify security mode matches machine configuration
   • Try None, Sign, then SignAndEncrypt
   • Must match what machine expects

4. Security Policy Mismatch

   • Verify policy matches machine capability
   • Try None, then Basic256, then Basic256Sha256
   • Older equipment may only support Basic128Rsa15

Certificate Errors

Problem: Certificate validation failures

Solutions:

1. Accept Certificates

   • On machine: Accept MachineMetrics Edge certificate
   • On Edge: Usually accepts automatically
   • Check pending certificates on machine

2. Check System Time

   • Certificates have validity periods
   • If machine or Edge time is wrong, certificates fail
   • Sync time via NTP

3. Regenerate Certificates

   • May need to clear and regenerate
   • Contact MachineMetrics support for assistance

4. Temporary: Disable Certificate Validation

   • For testing only
   • Enable "Accept certificates automatically"
   • Properly configure for production

No Data Appearing

Problem: Connected but no data in MachineMetrics

Solutions:

1. Check Adapter Script

   • Verify YAML syntax is correct
   • Ensure tags reference valid node IDs
   • Test node IDs in OPC-UA client first

2. Verify Data Mapping

   • Assets → Machines → Data Mapping
   • Ensure data items from script are mapped
   • Check for unmapped items

Part Count Issues

Problem: Part counts not incrementing or incorrect

⚠️ CRITICAL FIRST STEP: Verify Machine is Counting Parts

Before troubleshooting MachineMetrics configuration, verify the machine itself is incrementing its internal part counter.

MachineMetrics reads the machine's native part counter via OPC-UA. If the machine isn't counting parts, MachineMetrics cannot report them. Without additional scripting or configuration, MachineMetrics relies entirely on the machine's internal part count signal exposed via OPC-UA.

Check Machine Part Counter:

1. Look at the machine's control screen or HMI
2. Find the part counter display (varies by machine/OEM)
3. Run a cycle
4. Verify the counter increments on the machine itself

If the machine counter is NOT incrementing:

• This is a machine configuration issue, not a MachineMetrics issue
• Machine is not configured to count parts
• Consult machine manual or OEM for part counting configuration
• May require enabling part counting in machine settings

If the machine counter IS incrementing but MachineMetrics shows zero:

• This is a MachineMetrics or OPC-UA configuration issue
• Continue to diagnostic steps below

---

Diagnostic Steps:

1. Verify Part Count Tag in OPC-UA

   • Use OPC-UA client (UaExpert) to browse server
   • Find part count tag/node ID
   • Watch tag value while running machine
   • If tag doesn't increment in OPC-UA client: Machine not exposing part count

2. Check Adapter Script

   • Verify part count tag is referenced in YAML script
   • Ensure node ID is correct (copy from OPC-UA client)
   • Verify data-items includes part count variable

3. Check Data Mapping

   • Assets → Machines → Data Mapping
   • Ensure part count data item is mapped
   • Type should be "Part Count"

4. Test with OPC-UA Client

   • Connect to machine with UaExpert
   • Monitor part count tag in real-time
   • Run a cycle on machine
   • If tag increments in UaExpert but not MachineMetrics: Configuration issue
   • If tag doesn't increment in UaExpert: Machine not counting parts

Common OEM-Specific Notes:

• Bystronic: Look for Production.PartCounter or similar in OPC-UA tree
• Siemens: Check DB (Data Block) for part count variable
• Fanuc Robots: May require program command to increment counter (e.g., R[1]=R[1]+1)

3. Check Machine Status

   • Machine may need to be running to generate some data
   • Verify OPC-UA server is active

4. Review Edge Logs

   • Settings → Edge Devices → Logs
   • Look for OPC-UA errors
   • Check for node ID errors or parsing issues

5. Test with Simple Script First

   • Start with minimal configuration
   • Add one or two tags
   • Verify those work before adding more

Firewall Issues

Problem: Can connect locally but not from network

See Also: Network Requirements Guide for Edge device firewall requirements.

Solutions:

1. Windows Firewall (On Machine)

   • Open Windows Firewall settings
   • Create inbound rule for OPC-UA port
   • Allow TCP and UDP
   • Apply to all profiles

2. Network Firewall

   • Work with IT team
   • Ensure OPC-UA port allowed between machine and Edge
   • May need exception for specific IP addresses

3. Test Locally First

   • On machine control, use OPC-UA client
   • Connect to opc.tcp://localhost:[port]
   • If this works but remote doesn't: firewall

---

Best Practices

Planning:

• Browse OPC-UA server before configuration
• Create comprehensive data map with manufacturer's help
• Start with essential data items, add more later
• Document all node IDs and their meanings

Security:

• Use strong passwords for OPC-UA accounts
• Use Sign or SignAndEncrypt security mode
• Properly manage certificates
• Don't use anonymous access in production
• Use dedicated network for machine connectivity

Network:

• Use static IP addresses
• Document IP, port, and credentials
• Test connectivity before full configuration
• Keep machine firewall rules documented

Configuration:

• Start with simple adapter script
• Test incrementally (add tags one at a time if issues)
• Validate data accuracy against machine display
• Keep backup of working configurations

Data Mapping:

• Use descriptive display names
• Map all relevant data items
• Assign proper types and subtypes
• Review mappings for accuracy

Maintenance:

• Monitor for connection errors in Edge logs
• Keep OPC-UA server software updated
• Review certificate expiration dates
• Document any configuration changes made

Working with Manufacturers:

• Request complete data map/node list
• Ask for recommended node IDs for status, count, etc.
• Get clarification on data types and units
• Request sample configurations if available

---

Additional Resources

OPC Foundation:

• Official website: opcfoundation.org
• OPC-UA specification
• Client tool downloads
• Training and certification

OPC-UA Client Tools:

• UaExpert (GUI, Windows)
• python-opcua (Command line)
• opcua-commander (Interactive terminal)

Standards:

• UMATI (Universal Machine Tool Interface)
• MTConnect OPC-UA Companion Specification
• Industry-specific OPC-UA standards (emerging)

MachineMetrics Resources:

• Machine Connectivity Overview
• Knowledge Base: https://support.machinemetrics.com
• OPC-UA adapter script examples (contact support)

---

Getting Help

Before Contacting Support

Gather this information:

1. Machine Details

   • Make, model, serial number
   • Control type and version
   • OPC-UA license status

2. Network Configuration

   • Machine IP address and port
   • Connection string used
   • Can you ping the machine?

3. OPC-UA Browsing Results

   • Can you connect with UaExpert or other client?
   • What data nodes are available?
   • Node ID examples

4. Current Configuration

   • Adapter script (YAML)
   • Data mapping configuration
   • Any error messages from Edge logs

5. Authentication & Security

   • Security mode and policy used
   • Username (don't include password in emails)
   • Certificate status

Contact Options

MachineMetrics Support:

• Email: support@machinemetrics.com
• Include all information above
• Attach screenshots
• Include adapter script (sanitize passwords)

Machine Manufacturer:

• For OPC-UA license/enablement
• For data map and node ID documentation
• For control-specific configuration
• For software updates

Solution Delivery Manager (SDM):

• For deployment planning
• For adapter script development assistance
• For best practices and optimization

OPC Foundation:

• For protocol questions
• For client tool support
• For standards documentation

---

Ready to connect your OPC-UA machine?

1. Verify OPC-UA support and licensing
2. Browse OPC-UA server to identify data nodes
3. Configure network and enable OPC-UA
4. Create adapter script for your machine
5. Add machine in MachineMetrics
6. Map data items
7. Verify data flow

Questions? Contact support@machinemetrics.com with your machine details and data map.

Need adapter script help? MachineMetrics support can assist with creating custom OPC-UA adapter scripts based on your machine's data structure.