Inferensys

Glossary

Security Policy

A named set of cryptographic algorithms and key lengths used to secure OPC UA communications, defining the methods for signing, encryption, and key derivation.
Operations room with a large monitor wall for system visibility and control.
CRYPTOGRAPHIC NEGOTIATION

What is Security Policy?

A formal definition of the cryptographic algorithms and key lengths used to establish a secure OPC UA session.

A Security Policy is a named, standardized set of cryptographic algorithms and key lengths that defines the mechanisms for signing, encryption, and key derivation in an OPC UA session. It is a mandatory parameter during the Secure Channel handshake, ensuring both the client and server agree on a specific, non-negotiable security level before any application data is exchanged.

Each policy specifies a complete suite, including the algorithm for symmetric encryption (e.g., AES-256), asymmetric key exchange, and hash-based signing (e.g., SHA-256). By strictly defining these parameters, the Security Policy prevents algorithm downgrade attacks and guarantees a deterministic, interoperable security posture across heterogeneous industrial automation systems.

CRYPTOGRAPHIC GOVERNANCE

Key Characteristics of a Security Policy

A Security Policy in OPC UA defines the mandatory cryptographic algorithms and key lengths used to establish a Secure Channel. It is the foundational contract that dictates how application authentication, message signing, and data encryption are performed between a Client and Server.

01

Algorithm Suite Definition

A Security Policy specifies a complete suite of cryptographic algorithms required for a secure session. It explicitly defines the methods for symmetric encryption (e.g., AES-256), asymmetric key exchange (e.g., RSA-OAEP), digital signatures (e.g., RSA-SHA256), and key derivation (e.g., P-SHA-256). This ensures both endpoints use compatible, non-negotiable ciphers to prevent downgrade attacks.

AES-256
Symmetric Standard
SHA-256
Hash Function
02

Key Length Enforcement

The policy strictly enforces minimum asymmetric and symmetric key lengths to resist brute-force attacks. For example, Basic256Sha256 mandates a 256-bit symmetric key and a 2048-bit RSA key. This prevents connections using deprecated, weak cryptography like the obsolete Basic128Rsa15 profile, which relied on 1024-bit keys and the broken SHA-1 hash.

2048-bit
Min RSA Key
256-bit
Min AES Key
03

Profile Identification URI

Every Security Policy is uniquely identified by a URI string, such as http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256. During the Secure Channel handshake, the Client presents a list of supported URIs, and the Server selects one. This explicit string matching eliminates ambiguity and ensures strict algorithmic compliance before any application data is exchanged.

04

Perfect Forward Secrecy

Modern policies support Perfect Forward Secrecy (PFS) by utilizing ephemeral Diffie-Hellman key exchange. This ensures that if a server's long-term private key is compromised in the future, past session keys cannot be retroactively decrypted. Policies without PFS, which rely solely on RSA key transport, are vulnerable to historical traffic decryption.

05

Endpoint Security Level

A Security Policy is paired with a MessageSecurityMode in an Endpoint to define the total security posture:

  • None: No security applied.
  • Sign: Messages are signed but not encrypted.
  • SignAndEncrypt: Messages are both signed and encrypted. The policy provides the how, while the mode provides the what.
06

Certificate Trust Model

The Security Policy dictates the acceptable X.509 Certificate profiles for application authentication. It specifies the required key usage extensions (e.g., digitalSignature, keyEncipherment) and validation logic. A mismatch between the certificate's public key algorithm and the policy's asymmetric suite will cause an immediate Bad_SecurityChecksFailed error during the handshake.

SECURITY POLICY CLARIFICATIONS

Frequently Asked Questions

Clear answers to the most common questions about OPC UA Security Policies, their cryptographic foundations, and how they protect industrial communications.

An OPC UA Security Policy is a named set of cryptographic algorithms and key lengths that defines exactly how messages are signed, encrypted, and how session keys are derived during a Secure Channel handshake. When a Client connects to a Server, they negotiate a mutually supported Security Policy from the Server's list of configured Endpoints. The selected policy dictates the symmetric signature algorithm (e.g., AES256-CBC with HMAC-SHA256), the symmetric encryption algorithm, the asymmetric key exchange algorithm (e.g., RSA-OAEP-SHA256), and the key derivation function (e.g., P_SHA256). This ensures both parties use identical, pre-vetted cryptographic suites, eliminating ambiguity and preventing downgrade attacks where an adversary forces weaker ciphers.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.