What is OPC UA PubSub?
OPC UA PubSub is an extension of the OPC UA protocol and stands for Publish/Subscribe communication. Instead of traditional client/server interactions, PubSub makes it possible to distribute data efficiently and at scale, without the receivers needing to be known in advance.
OPC UA PubSub is ideal for Real-time data distribution between field devices, controllers and IT systems – without polling.
🧠 How does OPC UA PubSub work?
- Publishers send data messages to a channel (e.g. multicast or broker)
- Subscribers listen to the topics they have been configured for
- The underlying transport layers can be:
- UDP multicast (layer 2 or 3) – for low-latency publishing to multiple devices
- MQTT or AMQP (via a broker) – for communication via the cloud or IT systems
- Messages contain configured data variables, including metadata and time stamps
- Configuration is handled via UADP (UA Datagram Protocol) or JSON data formats
PubSub provides decoupled communication between devices, increasing scalability and flexibility.
🏭 Use of OPC UA PubSub in industrial networks
- Sending sensor values or process data from a PLC to multiple consumers
- Alarm and event distribution in SCADA without polling
- Real-time synchronisation between systems on the factory floor and Edge Computing platforms
- Connecting field devices to a Historian or Cloud-based systems via MQTT
- Foundation for event-driven automation in Industry 4.0 architectures
OPC UA PubSub supports both field-to-field and field-to-cloud communication.
🔍 OPC UA Client/Server vs. PubSub
| Aspect | Client/Server | PubSub |
|---|---|---|
| Model | Active polling (read/write) | Asynchronous, event-driven |
| Connection | Requires a continuous session | No session – publishers are decoupled |
| Transports | TCP, HTTPS | UDP multicast, MQTT, AMQP |
| Use in OT | SCADA integration, configuration | Real-time distribution, edge integration |
| Scalability | Limited | High – many receivers without extra load |
🔐 Security considerations
- UDP multicast PubSub is not encrypted – use within isolated or segmented networks
- Broker-based variants over MQTT or AMQP support TLS and RBAC
- Use Firewall, ACL and VLAN to filter and segment traffic
- Integrate with SIEM for monitoring of PubSub traffic
- Implement whitelisting of subscribers and topics in the broker configuration
Security depends heavily on the chosen transport mechanism (multicast vs. broker).
📌 In summary
OPC UA PubSub enables scalable, efficient and event-driven communication between devices in OT networks. It is ideal for modern industrial applications that need Real-time data exchange without the limitations of polling or sessions.