Skip to content

Wishlist

locka99 edited this page Nov 14, 2017 · 5 revisions

The readme says what the project is but doesn't say where the project wants to go, or areas of improvement. So let's list some here.

General

  1. Identify areas of code that fall short of Rust best practice.
  2. Make the code robust and resilient against attack. e.g. stop malformed data or timeouts from breaking functionality.
  3. Identify why the Rust plugin for IntelliJ works so badly with codebase, pegging the CPU. Is it confused by "use" statements or what?
  4. Sweep the code looking for inefficient use of clone, move etc. Places where temporary objects are being created on the heap that might impact on long term performance.
  5. Consolidate OPC UA's weird naming syntax with Rust's. e.g. should we use GOOD and BAD_UNEXPECTED for status or Good, Bad_Unexpected, or BadUnexpected?
  6. Investigate if enums in OPC UA Schemas can be autogenerated rather than written by hand.
  7. Investigate if tools that read OPC UA schemas can be written in Rust, possibly at compile time, but even not using NodeJS would remove one development dependency.
  8. Consider if some mini convenience crates can be used to reduce the amount of code crud, e.g. replacing nested if statements with a match!() command or similar.

Network IO

  1. At this time, the TCP transport for OPC UA is written via Rust's standard network APIs but it leaves a lot to be desired. e.g. listen and read_exact will block forever which interfere with server robustness.
    1. Investigate if tokio-core and futures can replace the existing transport
  2. There is no https support at all. Perhaps TLS can be supported with a small amount of work, related to work on using tokio-core
  3. Implement multiple chunks. The client / server may like messages to be broken up into chunks to send over the wire. The current comms layer only supports one chunk although the chunking functionality is already written.

Client

The client lags behind the server in terms of functionality and testing. It can connect to a server anonymously over unsecured channel and ask for some values.

  1. Implement Log on with a username and password during activate session
  2. Add cryptographic support.
    1. Create a pki key structure including storing server certs in rejected
    2. Validate server cert for trust
    3. Exchange nonce and signatures
  3. Add subscription and item monitoring. The ability to create a subscription to zero or more items and to monitor those items.
  4. Sample client should be able to exercise all of this functionality
  5. Conform to an OPC UA profile for embedded clients

Server

The server is the main focus of development.

  1. X509 user token identity support
  2. Activate session resumption. If a client disconnects from a server and tries to resume, the server should hold the dead session in storage and allow it to be reconnected. Perhaps the server holds the last 5 sessions in cold storage
  3. Fix performance / lost messages in subscription monitoring. Clients connected to the existing implementation complain of duplicate acknowledgements and other glitches which suggest it is dropping packets. (https://github.com/locka99/opcua/issues/5)
  4. Test all modes of item monitoring, e.g. publish / report modes
  5. Timeouts on dead sessions
  6. Robust limit enforcements to prevent objects exceeding published limits
  7. Discovery server support i.e. the ability to be a discovery server and the ability to publish its availability to another discovery server.

Crypto

Crypto is supplied by OpenSSL through some Rust bindings. OpenSSL is a very robust and comprehensive library but it is written in C which goes against the idea of a Rust implementation of OPC UA. In addition OpenSSL complicates building the product. OpenSSL was also the cause of the One(!) memory exception I've experienced during development.

Replacing OpenSSL requires Rust implementations of the following, preferably from a single, mature crypto crate

  1. AES encryption / decryption
  2. RSA encryption / decryption
  3. Public / private key creation, read and write to .der support
  4. SHA-1 and SHA-256 hashing
  5. X509 certificate creation, read and write to .x509 support
  6. PKCS1 and OAEP padding
  7. Asymmetric signing/verification with RSA + SHA-1 or SHA-256

Samples

Complex server

At the moment there is a simple server - a very simple server that changes a few values. A more complex server needs to be created that:

  1. Exercises every basic type, arrays, read & write support for variables.
  2. Provides a admin console to monitor activity - active sessions, subscriptions etc. This console can become part of the server api in time. Ideally the console should be http.

More samples

  1. It would be nice to implement a sample client that does something useful,
    1. Implement an http server so a consumer can read values over http request or even over a websocket.
    2. Write MQTT / OPC UA bridge, all written with Rust - i.e. values change in server, client pushes events over MQTT.
  2. Implement a sample server that acts as a proxy to 2 or more other OPC UA servers.

Testing

  1. Add an integration test suite to test client and server apis together
  2. Extend tests to more service calls.
  3. Benchmark and long term testing
  4. Review OPC UA test cases online and try to manually or auto test them.
Clone this wiki locally