OPC UA CNC Setup¶
This guide covers connecting CNC machines to Enture via OPC UA. Two controller types are supported:
| Controller type | Use when |
|---|---|
| Siemens (OPC-UA / SINUMERIK) | Siemens SINUMERIK 840D or 828D with the built-in OPC UA server option |
| Generic OPC-UA | Any other machine with an OPC UA server — Heidenhain TNC, Fanuc with OPC UA option, custom PLC OPC UA server |
Before you start¶
- The CNC machine must have its OPC UA server enabled and reachable from the edge computer (network/firewall rules allow TCP on port 4840 by default).
- If you are using certificate-based authentication, upload the certificate and private key via Settings → Assets → Certificates before configuring the machine.
Step 1 — Add the machine¶
- Navigate to Digital Twin → CNC Machines.
- Click Add Machine.
- Fill in the Basic tab:
- Machine ID — unique identifier (e.g.
cnc-003). - Machine Name — friendly display name.
- Workspace — select the workspace this machine belongs to.
- Controller Type — choose Siemens (OPC-UA / SINUMERIK) or Generic OPC-UA.
- IP Address — the OPC UA server's IP address.
- Port — OPC UA port (default 4840).
- Click Create.
Step 2 — Configure OPC UA settings¶
After creating the machine, open it and go to the OPC UA tab.
Connection Security¶
| Field | Description |
|---|---|
| Security Mode | None — plain connection (recommended for internal networks). Sign or Sign & Encrypt — requires a security policy and a client certificate. |
| Security Policy | Visible when Security Mode is not None. Select Basic256Sha256 (recommended), Basic256, or Aes128Sha256RsaOaep. |
| Authentication Mode | Anonymous — no credentials. Username / Password — username and password configured on the OPC UA server. Client Certificate — mutual TLS using a certificate from the platform cert store. |
If Authentication Mode is set to Username / Password, enter the OPC UA server credentials.
If Authentication Mode is set to Client Certificate, select the certificate and private key files from the Client Certificate and Private Key dropdowns. These files must first be uploaded via Settings → Assets → Certificates.
SINUMERIK Variant (Siemens OPC-UA only)¶
Select the SINUMERIK model variant:
- SINUMERIK 840D — 840D sl / 840D pl
- SINUMERIK 828D
Click Load Defaults to pre-populate the node mapping table with the standard SINUMERIK OPC UA paths for that variant. Axis position nodes (X, Y, Z, etc.) are machine-specific and must be added manually — see Finding NodeIDs.
Node Mappings¶
The node mapping table defines which OPC UA node corresponds to each CNC signal that Enture understands.
Each row has:
- Signal — the Enture signal name (selected from a dropdown).
- NodeId — the OPC UA node address as a string (e.g.
ns=2;s=Channel.State.actMode).
For Siemens SINUMERIK: start by clicking Load Defaults, then add axis position rows for your specific machine.
For Generic OPC-UA: the table starts empty. Add a row for each signal your machine exposes, mapping it to the corresponding NodeId.
Available signals¶
| Signal | What it represents |
|---|---|
run_state |
Machine mode (e.g. AUTO, MDI, JOG) |
prog_status |
Program execution status (RUNNING / IDLE / ALARM) |
emergency_stop |
E-stop active flag |
program_name |
Active program name/number |
sequence_number |
Current block sequence number |
feed_rate |
Feed rate in mm/min |
feed_override |
Feed override percentage |
spindle_speed |
Spindle speed in RPM |
spindle_override |
Spindle override percentage |
spindle_load |
Spindle load percentage |
spindle_temp |
Spindle motor temperature °C |
part_count |
Cumulative part count |
depth_of_cut |
Depth of cut in mm |
x_pos |
X axis position |
y_pos |
Y axis position |
z_pos |
Z axis position |
a_pos |
A axis (rotary) position |
b_pos |
B axis (rotary) position |
c_pos |
C axis (rotary) position |
You do not need to map every signal — only map the signals your machine exposes and that you want to monitor.
Mode Encoding (Generic OPC-UA)¶
If the run_state node returns an integer rather than a string, use the Mode Encoding section to define the mapping from integer values to canonical mode names used by Enture.
Example:
| PLC Value | Mode |
|---|---|
| 0 | IDLE |
| 1 | AUTO |
| 2 | MDI |
| 3 | JOG |
If the node already returns string values (AUTO, MDI, etc.) leave this section empty.
Program Status Encoding (Generic OPC-UA)¶
If the prog_status node returns an integer, use the Program Status Encoding section to map it to RUNNING, IDLE, or ALARM.
Example:
| PLC Value | Status |
|---|---|
| 0 | RUNNING |
| 1 | IDLE |
| 2 | IDLE |
Save¶
Click Save OPC UA Config. The configuration is pushed to the edge immediately — no restart is required.
Step 3 — Verify the connection¶
After saving, the edge connector picks up the new configuration automatically. Within a few seconds:
- Open the Live Dashboard for the machine.
- Confirm that live values appear (run state, feed rate, spindle speed, etc.).
- If the machine is in AUTO mode and running, the status indicator should show Running.
If no data appears after 30 seconds, check the edge logs at /src/logs/cncOPCUAConnector.log on the edge computer for connection errors.
Finding NodeID strings¶
To find the correct OPC UA NodeId for a signal on your machine:
- Siemens SINUMERIK — refer to the Siemens SINUMERIK OPC UA Companion Specification. The standard paths are pre-loaded when you click Load Defaults. Axis position nodes follow the pattern
ns=2;s=Nck.MachineAxis.ActPos[n]wherenis the axis index (1 = X, 2 = Y, 3 = Z, etc.). - Heidenhain TNC — refer to the Heidenhain OPC UA documentation for your TNC firmware version.
- Custom PLC OPC UA server — contact the PLC programmer or use an OPC UA client browser (e.g. UaExpert by Unified Automation) to browse the server's address space and identify the NodeIds.
NodeIds follow the format ns=<namespace-index>;s=<identifier> for string identifiers, or ns=<namespace-index>;i=<numeric-id> for numeric identifiers. Both formats are accepted.
Uploading certificates¶
If you use certificate-based authentication:
- Go to Settings → Assets → Certificates.
- Click Upload Certificate and upload the client certificate PEM file. Give it a recognisable name (e.g.
cnc-003-cert). - Upload the private key PEM file separately (e.g.
cnc-003-key). - Return to the machine's OPC UA tab and select the uploaded files from the Client Certificate and Private Key dropdowns.