EVS-EN IEC 62541-4:2026

IEC 62541-4:2025 defines the OPC Unified Architecture (OPC UA) Services. The Services defined are the collection of abstract Remote Procedure Calls (RPC) that are implemented by OPC UA Servers and called by OPC UA Clients. All interactions between OPC UA Clients and Servers occur via these Services. The defined Services are considered abstract because no particular RPC mechanism for implementation is defined in this document. IEC 62541‑6 specifies one or more concrete mappings supported for implementation. For example, one mapping in IEC 62541‑6 is to UA-TCP UA-SC UA-Binary. In that case the Services described in this document appear as OPC UA Binary encoded payload, secured with OPC UA Secure Conversation and transported via OPC UA TCP. Not all OPC UA Servers implement all of the defined Services. IEC 62541‑7 defines the Profiles that dictate which Services must be implemented in order to be compliant with a particular Profile. A BNF (Backus-Naur form) for browse path names is described in Annex A. This fourth edition cancels and replaces the third edition published in 2020. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) addition of new definitions to Method Call Service to allow optional Method arguments;
b)addition of reference to SystemStatusChangeEventType for event monitored item error scenarios;
c) enhancement of the general description of how determining if a Certificate is trusted;
d) addition of support for ECC;
e) addition of revisedAggregateConfiguration to AggregateFilterResult structure;
f) addition of INVALID to the BrowseDirection enumeration data type;
g) addition of INVALID to the TimestampsToReturn enumeration data type;
h) addition of definitions that make sure the subscription functionality works if retransmission queues are optional;
i) addition of client checks has been added to be symmetric to the Server Certificate check has been added;
j) clarification that ‘local’ top level domain is not appended by server into certificate and not checked by client when returned from LDS-ME;
k) addition of a definition for expiration behaviour of IssuedIdentityTokens;
l) addition of status code Good_PasswordChangeRequired to ActivateSession;
m) restriction of AdditionalInfo to servers in debug mode;
n) addition of new status code Bad_ServerTooBusy;
o) addition of definition for cases where server certificate must be contained in GetEndpoints response.