IEC 60870-5: Difference between revisions

From Wikipedia, the free encyclopedia
m Reverted edits by 83.10.20.215 (talk): addition of unnecessary/inappropriate external links (HG) (3.4.12)
 
(44 intermediate revisions by 36 users not shown)
Line 1: Line 1:
{{Short description|Telecontrol standard}}
{{Context|date=January 2011}}

'''IEC 60870 part 5''' <ref name=Clarke04>Gordon R. Clarke et al, ''Practical modern SCADA protocols: DNP3, 60870.5 and related systems'', Newnes, 2004 ISBN 0-7506-5799-5</ref> is one of the [[IEC 60870]] set of standards which define systems used for telecontrol ([[supervisory control and data acquisition]]) in [[electrical engineering]] and [[power system automation]] applications. Part 5 provides a communication profile for sending basic telecontrol messages between two systems, which uses permanent directly connected data circuits between the systems. The [[IEC TC 57|IEC Technical Committee 57]] (Working Group 03) have developed a [[communications protocol|protocol]] standard for telecontrol, teleprotection, and associated telecommunications for [[electric power]] systems. The result of this work is IEC 60870-5. Five documents specify the base IEC 60870-5:
'''IEC 60870 part 5''' <ref name=Clarke04>Gordon R. Clarke et al, ''Practical modern SCADA protocols: DNP3, 60870.5 and related systems'', Newnes, 2004 {{ISBN|0-7506-5799-5}}</ref> is one of the [[IEC 60870]] set of standards which define systems used for telecontrol ([[supervisory control and data acquisition]]) in [[electrical engineering]] and [[power system automation]] applications. Part 5 provides a communication profile for sending basic telecontrol messages between two systems, which uses permanent directly connected data circuits between the systems. The [[IEC TC 57|IEC Technical Committee 57]] (Working Group 03) have developed a [[communications protocol|protocol]] standard for telecontrol, teleprotection, and associated telecommunications for [[electric power]] systems. The result of this work is IEC 60870-5. Five documents specify the base IEC 60870-5:
* IEC 60870-5-1 Transmission Frame Formats
* IEC 60870-5-1 Transmission Frame Formats
* IEC 60870-5-2 Data Link Transmission Services
* IEC 60870-5-2 Data Link Transmission Services
Line 10: Line 11:


The IEC Technical Committee 57 has also generated companion standards:
The IEC Technical Committee 57 has also generated companion standards:
* IEC 60870-5-101 Transmission Protocols - companion standards especially for basic telecontrol tasks
* IEC 60870-5-101 Transmission Protocols - Companion standards especially for basic telecontrol tasks
* IEC 60870-5-102 Transmission Protocols - Companion standard for the transmission of integrated totals in electric power systems (this standard is not widely used)
* IEC 60870-5-102 Transmission Protocols - Companion standard for the transmission of integrated totals in electric power systems (this standard is not widely used)
* IEC 60870-5-103 Transmission Protocols - Companion standard for the informative interface of protection equipment
* IEC 60870-5-103 Transmission Protocols - Companion standard for the informative interface of protection equipment
Line 20: Line 21:


==IEC 60870-5-101==
==IEC 60870-5-101==
IEC 60870-5-101 [IEC101] is a standard for power system monitoring, control & associated communications for telecontrol, teleprotection, and associated telecommunications for electric power systems. This is completely compatible with IEC 60870-5-1 to IEC 60870-5-5 standards and uses standard asynchronous serial tele-control channel interface between [[Data terminal equipment|DTE]] and [[Data circuit-terminating equipment|DCE]]. The standard is suitable for multiple configurations like point-to-point, star, mutidropped etc.
IEC 60870-5-101 [IEC101] is a standard for power system monitoring, control & associated communications for telecontrol, teleprotection, and associated telecommunications for electric power systems. This is completely compatible with IEC 60870-5-1 to IEC 60870-5-5 standards and uses standard asynchronous serial tele-control channel interface between [[Data terminal equipment|DTE]] and [[Data circuit-terminating equipment|DCE]]. The standard is suitable for multiple configurations like point-to-point, star, multidrop etc.


===Features===
===Features===
* Supports unbalanced (only master initiated message) & balanced (can be master/slave initiated) modes of data transfer.
* Supports unbalanced (only master initiated message) & balanced (can be master/slave initiated) modes of data transfer.
* Link address and ASDU (Application Service Data Unit) addresses are provided for classifying the end station and different segments under the same.
* Link address and [[ASDU]] (Application Service Data Unit) addresses are provided for classifying the [[end station]] and different segments under the same.
* Data is classified into different information objects and each information object is provided with a specific address.
* Data is classified into different information objects and each information object is provided with a specific address.
* Facility to classify the data into high priority (class-1) and low priority (class-2) and transfer the same using separate mechanisms.
* Facility to classify the data into high priority (class-1) and low priority (class-2) and transfer the same using separate mechanisms.
Line 33: Line 34:


===Frame format===
===Frame format===
Character format of IEC 101 uses 1 start bit, 1 stop bit, 1 parity bit & 8 data bits. FT1.2 (defined in IEC 60870-5-1) is used for frame format of IEC 101 which is suitable for [[asynchronous serial communication|asynchronous]] communication with [[hamming distance]] of 4. This uses 3 types of frame formats -
The character format of IEC 101 uses 1 bit each for start, stop and parity, as well as 8 data bits. FT1.2 (defined in IEC 60870-5-1) is used for frame format of IEC 101 which is suitable for [[asynchronous serial communication]] with [[Hamming distance]] of 4. This uses 3 types of frame formats -
''Frame with variable length ASDU'', ''Frame with fixed length'' & ''single character''. Single character is used for acknowledgments, fixed length frames are used for commands & variable lengths are used for sending data. The details of variable length frame is given below
''Frame with variable length ASDU'', ''Frame with fixed length'' & ''single character''. Single character is used for acknowledgments, fixed length frames are used for commands & variable lengths are used for sending data. The details of variable length frame is given below


{|class="wikitable" border="1" style="margin:0 0 1em 1em"
{|class="wikitable" border="1" style="margin:0 0 1em 1em"
|+ IEC 101 Frame Format, Variable length
|-
! colspan="5" | IEC 101 Frame Format, Variable length
|-
|-
!Data unit
!Data unit
Line 44: Line 44:
!Function
!Function
|-
|-
| bgcolor="#D8EC9B" rowspan="5"|'''Start Frame'''
| bgcolor="#d8ec9b" rowspan="5" |'''Start Frame'''
| bgcolor="#D8EC9B" | Start Character
| bgcolor="#d8ec9b" | Start Character
| bgcolor="#D8EC9B" | ''Indicates start of Frame''
| bgcolor="#d8ec9b" | ''Indicates start of Frame''
|-
|-
| bgcolor="#D8EC9B" | Length Field (''*2'')
| bgcolor="#d8ec9b" | Length Field (''*2'')
| bgcolor="#D8EC9B" | ''Total length of Frame''
| bgcolor="#d8ec9b" | ''Total length of Frame''
|-
|-
| bgcolor="#D8EC9B" | Start Character (repeat)
| bgcolor="#d8ec9b" | Start Character (repeat)
| bgcolor="#D8EC9B" | ''Repeat provided for reliability''
| bgcolor="#d8ec9b" | ''Repeat provided for reliability''
|-
|-
| bgcolor="#D8EC9B" | Control Field
| bgcolor="#d8ec9b" | Control Field
| bgcolor="#D8EC9B" | ''Indicates control functions like message direction''
| bgcolor="#d8ec9b" | ''Indicates control functions like message direction''
|-
|-
| bgcolor="#D8EC9B" | Link Address (''0,1 or 2'')
| bgcolor="#d8ec9b" | Link Address (''0,1 or 2'')
| bgcolor="#D8EC9B" | ''Normally used as the device / station address''
| bgcolor="#d8ec9b" | ''Normally used as the device / station address''
|-
|-
| bgcolor="#EDDC9C" rowspan="4"|'''Data Unit Identifier'''
| bgcolor="#eddc9c" rowspan="4" |'''Data Unit Identifier'''
| bgcolor="#EDDC9C" | Type Identifier
| bgcolor="#eddc9c" | Type Identifier
| bgcolor="#EDDC9C" |''Defines the data type which contains specific format of information objects''
| bgcolor="#eddc9c" |''Defines the data type which contains specific format of information objects''
|-
|-
| bgcolor="#EDDC9C" | Variable Structure Qualifier
| bgcolor="#eddc9c" | Variable Structure Qualifier
| bgcolor="#EDDC9C" | ''Indicates whether type contains multiple information objects or not''
| bgcolor="#eddc9c" | ''Indicates whether type contains multiple information objects or not''
|-
|-
| bgcolor="#EDDC9C" | COT (''1 or 2'')
| bgcolor="#eddc9c" | COT (''1 or 2'')
| bgcolor="#EDDC9C" | ''Indicates causes of data transmissions like spontaneous or cyclic''
| bgcolor="#eddc9c" | ''Indicates causes of data transmissions like spontaneous or cyclic''
|-
|-
| bgcolor="#EDDC9C" | ASDU Address (''1 or 2'')
| bgcolor="#eddc9c" | ASDU Address (''1 or 2'')
| bgcolor="#EDDC9C" | ''Denotes separate segments and its address inside a device''
| bgcolor="#eddc9c" | ''Denotes separate segments and its address inside a device''
|-
|-
| bgcolor="#E9C189" rowspan="2"|'''Information Object'''
| bgcolor="#e9c189" rowspan="2" |'''Information Object'''
| bgcolor="#E9C189" |Information Object Address (''1 or 2 or 3'')
| bgcolor="#e9c189" |Information Object Address (''1 or 2 or 3'')
| bgcolor="#E9C189" | ''Provides address of the information object element''
| bgcolor="#e9c189" | ''Provides address of the information object element''
|-
|-
| bgcolor="#E9C189" |Information Elements (n)
| bgcolor="#e9c189" |Information Elements (n)
| bgcolor="#E9C189" |''Contains details of the information element depending on the type''
| bgcolor="#e9c189" |''Contains details of the information element depending on the type''
|-
|-
| bgcolor="#E9C189" |'''Information Object-2'''
| bgcolor="#e9c189" |'''Information Object-2'''
| bgcolor="#E9C189" | -----
| bgcolor="#e9c189" | -----
| bgcolor="#E9C189" |
| bgcolor="#e9c189" |
|-
|-
| bgcolor="#E9C189" |'''-----'''
| bgcolor="#e9c189" |'''-----'''
| bgcolor="#E9C189" | -----
| bgcolor="#e9c189" | -----
| bgcolor="#E9C189" |
| bgcolor="#e9c189" |
|-
|-
| bgcolor="#E9C189" |'''Information Object-m'''
| bgcolor="#e9c189" |'''Information Object-m'''
| bgcolor="#E9C189" |
| bgcolor="#e9c189" |
| bgcolor="#E9C189" |
| bgcolor="#e9c189" |
|-
|-
| bgcolor="#E9988A" rowspan="2"| '''Stop Frame'''
| bgcolor="#e9988a" rowspan="2" | '''Stop Frame'''
| bgcolor="#E9988A" |Checksum
| bgcolor="#e9988a" |Checksum
| bgcolor="#E9988A" | ''Used for Error checks''
| bgcolor="#e9988a" | ''Used for Error checks''
|-
|-
| bgcolor="#E9988A" |Stop Char
| bgcolor="#e9988a" |Stop Char
| bgcolor="#E9988A" | ''Indicates end of a frame''
| bgcolor="#e9988a" | ''Indicates end of a frame''
|-
|-
|}
|}
Line 121: Line 121:


==IEC 60870-5-103==
==IEC 60870-5-103==
IEC 60870-5-103 [IEC103] is a standard for power system control and associated [[communication]]s. It defines a companion standard that enables interoperability between protection equipment and devices of a control system in a substation. The device complying with this standard can send the information using two methods for [[data transfer]] - either using the explicitly specified application service data units (ASDU)or using generic services for transmission of all the possible information. The standard supports some specific protection functions and provides the vendor a facility to incorporate its own protective functions on private data ranges.
IEC 60870-5-103 [IEC103] is a standard for power system control and associated [[communication]]s. It defines a companion standard that enables interoperability between protection equipment and devices of a control system in a substation. The device complying with this standard can send the information using two methods for [[data transfer]] - either using the explicitly specified application service data units (ASDU) or using generic services for transmission of all the possible information. The standard supports some specific protection functions and provides the vendor a facility to incorporate its own protective functions on private data ranges.


===Frame format===
===Frame format===
Line 127: Line 127:


{|class="wikitable" border="1" style="margin:0 0 1em 1em"
{|class="wikitable" border="1" style="margin:0 0 1em 1em"
|+ IEC 103 Frame Format, Variable length
|-
! colspan="5" | IEC 103 Frame Format, Variable length
|-
|-
!Data unit
!Data unit
Line 134: Line 133:
!Function
!Function
|-
|-
| bgcolor="#D8EC9B" rowspan="5"|'''Start Frame'''
| bgcolor="#d8ec9b" rowspan="5" |'''Start Frame'''
| bgcolor="#D8EC9B" | Start Character
| bgcolor="#d8ec9b" | Start Character
| bgcolor="#D8EC9B" | ''Indicates start of Frame''
| bgcolor="#d8ec9b" | ''Indicates start of Frame''
|-
|-
| bgcolor="#D8EC9B" | Length Field (''*2'')
| bgcolor="#d8ec9b" | Length Field (''*2'')
| bgcolor="#D8EC9B" | ''Total length of Frame''
| bgcolor="#d8ec9b" | ''Total length of Frame''
|-
|-
| bgcolor="#D8EC9B" | Start Character (repeat)
| bgcolor="#d8ec9b" | Start Character (repeat)
| bgcolor="#D8EC9B" | ''Repeat provided for reliability''
| bgcolor="#d8ec9b" | ''Repeat provided for reliability''
|-
|-
| bgcolor="#D8EC9B" | Control Field
| bgcolor="#d8ec9b" | Control Field
| bgcolor="#D8EC9B" | ''Indicates control functions like message direction''
| bgcolor="#d8ec9b" | ''Indicates control functions like message direction''
|-
|-
| bgcolor="#D8EC9B" | Link Address (''1 or 2'')
| bgcolor="#d8ec9b" | Link Address (''1 or 2'')
| bgcolor="#D8EC9B" | ''Normally used as the device / station address''
| bgcolor="#d8ec9b" | ''Normally used as the device / station address''
|-
|-
| bgcolor="#EDDC9C" rowspan="4"|'''Data Unit Identifier'''
| bgcolor="#eddc9c" rowspan="4" |'''Data Unit Identifier'''
| bgcolor="#EDDC9C" | Type Identifier
| bgcolor="#eddc9c" | Type Identifier
| bgcolor="#EDDC9C" |''Defines the data type which contains specific format of information objects''
| bgcolor="#eddc9c" |''Defines the data type which contains specific format of information objects''
|-
|-
| bgcolor="#EDDC9C" | Variable Structure Qualifier
| bgcolor="#eddc9c" | Variable Structure Qualifier
| bgcolor="#EDDC9C" | ''Indicates whether type contains multiple information objects or not''
| bgcolor="#eddc9c" | ''Indicates whether type contains multiple information objects or not''
|-
|-
| bgcolor="#EDDC9C" | COT
| bgcolor="#eddc9c" | COT
| bgcolor="#EDDC9C" | ''Indicates causes of data transmissions like spontaneous or cyclic''
| bgcolor="#eddc9c" | ''Indicates causes of data transmissions like spontaneous or cyclic''
|-
|-
| bgcolor="#EDDC9C" | ASDU Address
| bgcolor="#eddc9c" | ASDU Address
| bgcolor="#EDDC9C" | ''Denotes separate segments and its address inside a device''
| bgcolor="#eddc9c" | ''Denotes separate segments and its address inside a device''
|-
|-
| bgcolor="#E9C189" rowspan="3"|'''Information Object'''
| bgcolor="#e9c189" rowspan="3" |'''Information Object'''
| bgcolor="#E9C189" | Function Type
| bgcolor="#e9c189" | Function Type
| bgcolor="#E9C189" | ''Provides function type of the protection equipment used''
| bgcolor="#e9c189" | ''Provides function type of the protection equipment used''
|-
|-
| bgcolor="#E9C189" | Information Number
| bgcolor="#e9c189" | Information Number
| bgcolor="#E9C189" | ''Defines the information number within a given function type''
| bgcolor="#e9c189" | ''Defines the information number within a given function type''
|-
|-
| bgcolor="#E9C189" | Information Elements (n)
| bgcolor="#e9c189" | Information Elements (n)
| bgcolor="#E9C189" | ''Contains details of the information element depending on the type''
| bgcolor="#e9c189" | ''Contains details of the information element depending on the type''
|-
|-
| bgcolor="#E9988A" rowspan="2"| '''Stop Frame'''
| bgcolor="#e9988a" rowspan="2" | '''Stop Frame'''
| bgcolor="#E9988A" |Checksum
| bgcolor="#e9988a" |Checksum
| bgcolor="#E9988A" | ''Used for Error checks''
| bgcolor="#e9988a" | ''Used for Error checks''
|-
|-
| bgcolor="#E9988A" |Stop Char
| bgcolor="#e9988a" |Stop Char
| bgcolor="#E9988A" | ''Indicates end of a frame''
| bgcolor="#e9988a" | ''Indicates end of a frame''
|-
|-
|}
|}
Line 197: Line 196:


==IEC 60870-5-104==
==IEC 60870-5-104==
IEC 60870-5-104 (IEC 104) protocol is an extension of IEC 101 protocol with the changes in transport, network, link & physical layer services to suit the complete network access. The standard uses an open [[TCP/IP]] interface to network to have connectivity to the LAN ([[Local Area Network]]) and routers with different facility ([[ISDN]], [[X.25]], [[Frame relay]] etc.) can be used to connect to the WAN ([[Wide Area Network]]). Application layer of IEC 104 is preserved same as that of IEC 101 with some of the data types and facilities not used. There are two separate link layers defined in the standard, which is suitable for data transfer over Ethernet & serial line (PPP - [[Point-to-Point Protocol]]). The control field data of IEC104 contains various types of mechanisms for effective handling of network data synchronization.
IEC 60870-5-104 (IEC 104) protocol is an extension of IEC 101 protocol with the changes in transport, network, link & physical layer services to suit the complete network access. The standard uses an open [[TCP/IP]] interface to network to have connectivity to the LAN ([[local area network]]) and routers with different facility ([[ISDN]], [[X.25]], [[Frame Relay]] etc.) can be used to connect to the [[wide area network]] (WAN). Application layer of IEC 104 is preserved same as that of IEC 101 with some of the data types and facilities not used. There are two separate link layers defined in the standard, which is suitable for data transfer over Ethernet & serial line (PPP - [[Point-to-Point Protocol]]). The control field data of IEC104 contains various types of mechanisms for effective handling of network data synchronization.


The security of IEC 104, by design has been proven to be problematic,<ref>{{cite journal|last1=Maynard|first1=Peter|last2=McLaughlin|first2=Kieran|last3=Haberler|first3=Berthold|title=Towards Understanding Man-In-The-Middle Attacks on IEC 60870-5-104 SCADA Networks|journal=2nd International Symposium for ICS & SCADA Cyber Security Research 2014|date=11 September 2014|pages=30–42|doi=10.14236/ewic/ics-csr2014.5|url=http://ewic.bcs.org/content/ConWebDoc/53228|accessdate=30 June 2015}}</ref> as many of the other SCADA protocols developed around the same time. Though the IEC technical committee (TC) 57 have published a security standard [[IEC 62351]], which implements end-to-end encryption which would prevent such attacks as replay, man-in-the-middle and packet injection. Unfortunately due to the increase in complexity vendors are reluctant to roll this out on their networks.
The security of IEC 104, by design has been proven to be problematic,<ref>{{cite journal|last1=Maynard|first1=Peter|last2=McLaughlin|first2=Kieran|last3=Haberler|first3=Berthold|title=Towards Understanding Man-In-The-Middle Attacks on IEC 60870-5-104 SCADA Networks|journal=2nd International Symposium for ICS & SCADA Cyber Security Research 2014|date=11 September 2014|pages=30–42|doi=10.14236/ewic/ics-csr2014.5|isbn=9781780172866|url=http://ewic.bcs.org/content/ConWebDoc/53228|access-date=30 June 2015|doi-access=free}}</ref> as many of the other SCADA protocols developed around the same time. Though the IEC technical committee (TC) 57 have published a security standard [[IEC 62351]], which implements encryption tunneling and network monitoring in an effort to address attacks such as packet replay and man-in-the-middle. Due to the increase in complexity and cost, system owners are reluctant to roll this out on their networks.


==References==
==References==
{{Reflist}}
{{Reflist}}


==External links==
== External links ==
* [https://wiki.eclipse.org/EclipseNeoSCADA/IEC60870 Eclipse NeoSCADA™], IEC 60870-5-104 client and server Java implementation in Eclipse NeoSCADA™, [[Eclipse_Public_License|EPL]]-licensed
* [https://www.openmuc.org/iec-60870-5-104/ j60870], IEC 60870-5-104 client and server Java library at openmuc.org, GPL-licensed
* [https://www.openmuc.org/iec-60870-5-104/ j60870], IEC 60870-5-104 client and server Java library at openmuc.org, GPL-licensed
* [https://github.com/pascaldekloe/part5 part5] IEC 60870-5-101 & IEC 60870-5-104 client and server Go implementation, public domain

* [http://www.trianglemicroworks.com/video/videoplaylists/iec-60870-5-training IEC 60870-5 Training Videos]
*[http://www.freyrscada.com/iec-60870-5-101.php IEC 60870-5-101 - RTU Server and Client Simulator, Windows, Linux Development SDK]
*[http://www.freyrscada.com/iec-60870-5-104.php IEC 60870-5-104 RTU Server and Client Master Simulator, Windows, Linux Development SDK]
*[https://the-vinci.com/vinci-software IEC 60870-5-101, IEC 60870-5-103 and IEC 60870-5-104 Slave and Master Simulator for Windows]
{{Automation protocols}}
{{Automation protocols}}
{{List of IEC standards}}

[[Category:Electric power]]
[[Category:IEC 60870]]
[[Category:IEC 60870]]
[[Category:Network protocols]]
[[Category:Network protocols]]
[[Category:Automation]]


[[de:IEC 60870]]
[[es:IEC 60870-5-101]]
[[es:IEC 60870-5-101]]
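Review bot: In the IEC 60870-5-104 security paragraph, the revised sentence beginning "Though the IEC technical committee (TC) 57 have published a security standard [[IEC 62351]], which implements ..." is still a dependent clause with no main clause, and the contrast it sets up is only delivered by the separate sentence "Due to the increase in complexity and cost, ...". Suggest dropping "Though" and opening the next sentence with "However," so both stand as complete sentences. The same edit also replaces "end-to-end encryption which would prevent such attacks as replay, man-in-the-middle and packet injection" with "encryption tunneling and network monitoring in an effort to address attacks", and "vendors" with "system owners", without adding a citation; a source for what IEC 62351 provides and for who is reluctant to deploy it would make the softened claim verifiable.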

Latest revision as of 15:43, 25 April 2024

IEC 60870 part 5 [1] is one of the IEC 60870 set of standards which define systems used for telecontrol (supervisory control and data acquisition) in electrical engineering and power system automation applications. Part 5 provides a communication profile for sending basic telecontrol messages between two systems, which uses permanent directly connected data circuits between the systems. The IEC Technical Committee 57 (Working Group 03) has developed a protocol standard for telecontrol, teleprotection, and associated telecommunications for electric power systems. The result of this work is IEC 60870-5. Five documents specify the base IEC 60870-5:

  • IEC 60870-5-1 Transmission Frame Formats
  • IEC 60870-5-2 Data Link Transmission Services
  • IEC 60870-5-3 General Structure of Application Data
  • IEC 60870-5-4 Definition and Coding of Information Elements
  • IEC 60870-5-5 Basic Application Functions
  • IEC 60870-5-6 Guidelines for conformance testing for the IEC 60870-5 companion standards
  • IEC TS 60870-5-7 Security extensions to IEC 60870-5-101 and IEC 60870-5-104 protocols (applying IEC 62351)

The IEC Technical Committee 57 has also generated companion standards:

  • IEC 60870-5-101 Transmission Protocols - Companion standards especially for basic telecontrol tasks
  • IEC 60870-5-102 Transmission Protocols - Companion standard for the transmission of integrated totals in electric power systems (this standard is not widely used)
  • IEC 60870-5-103 Transmission Protocols - Companion standard for the informative interface of protection equipment
  • IEC 60870-5-104 Transmission Protocols - Network access for IEC 60870-5-101 using standard transport profiles
  • IEC TS 60870-5-601 Transmission protocols - Conformance test cases for the IEC 60870-5-101 companion standard
  • IEC TS 60870-5-604 Conformance test cases for the IEC 60870-5-104 companion standard

IEC 60870-5-101/102/103/104 are companion standards generated for basic telecontrol tasks, transmission of integrated totals, data exchange from protection equipment & network access of IEC101 respectively.

IEC 60870-5-101

IEC 60870-5-101 [IEC101] is a standard for power system monitoring, control & associated communications for telecontrol, teleprotection, and associated telecommunications for electric power systems. It is completely compatible with the IEC 60870-5-1 to IEC 60870-5-5 standards and uses a standard asynchronous serial tele-control channel interface between DTE and DCE. The standard is suitable for multiple configurations such as point-to-point, star, multidrop etc.

Features

  • Supports unbalanced (only master initiated message) & balanced (can be master/slave initiated) modes of data transfer.
  • Link address and ASDU (Application Service Data Unit) addresses are provided for classifying the end station and different segments under the same.
  • Data is classified into different information objects and each information object is provided with a specific address.
  • Facility to classify the data into high priority (class-1) and low priority (class-2) and transfer the same using separate mechanisms.
  • Possibility of classifying the data into different groups (1-16) to get the data according to the group by issuing specific group interrogation commands from the master & obtaining data under all the groups by issuing a general interrogation.
  • Cyclic & Spontaneous data updating schemes are provided.
  • Facility for time synchronization
  • Schemes for transfer of files. Example: IEDs store a disturbance recorder file in memory when an electrical disturbance occurs in the field. This file can be retrieved through the IEC103 protocol for fault analysis.

Frame format

The character format of IEC 101 uses 1 bit each for start, stop and parity, as well as 8 data bits. FT1.2 (defined in IEC 60870-5-1) is used as the frame format of IEC 101; it is suitable for asynchronous serial communication and has a Hamming distance of 4. It uses 3 types of frame formats: frame with variable length ASDU, frame with fixed length, and single character. Single characters are used for acknowledgments, fixed length frames for commands, and variable length frames for sending data. The details of the variable length frame are given below.

IEC 101 Frame Format, Variable length

| Data unit | Name | Function |
|---|---|---|
| Start Frame | Start Character | Indicates start of Frame |
| | Length Field (*2) | Total length of Frame |
| | Start Character (repeat) | Repeat provided for reliability |
| | Control Field | Indicates control functions like message direction |
| | Link Address (0,1 or 2) | Normally used as the device / station address |
| Data Unit Identifier | Type Identifier | Defines the data type which contains specific format of information objects |
| | Variable Structure Qualifier | Indicates whether type contains multiple information objects or not |
| | COT (1 or 2) | Indicates causes of data transmissions like spontaneous or cyclic |
| | ASDU Address (1 or 2) | Denotes separate segments and its address inside a device |
| Information Object | Information Object Address (1 or 2 or 3) | Provides address of the information object element |
| | Information Elements (n) | Contains details of the information element depending on the type |
| Information Object-2 | ----- | |
| ----- | ----- | |
| Information Object-m | | |
| Stop Frame | Checksum | Used for Error checks |
| | Stop Char | Indicates end of a frame |
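
The variable length frame in the table above, as an added example (not part of the article and not taken from any IEC 60870-5 implementation): a strict Python parser that checks both start characters, the duplicated length octet, the checksum and the stop character before it decodes the ASDU header. The octet values 0x68 and 0x16, the modulo-256 checksum, the length octet counting the octets from the control field to the last ASDU octet, LSB-first addresses and the VSQ/COT bit layout come from FT1.2 and IEC 60870-5-101 rather than from this page; `LinkProfile`, `Frame`, `parse_frame`, `rejection_reason` and the sample frame are names and data constructed for the illustration.

```python
from __future__ import annotations
from dataclasses import dataclass

START_VARIABLE = 0x68  # FT1.2 start character, sent before and after the length octets
STOP = 0x16            # FT1.2 stop character


class FrameError(ValueError):
    """The octets do not form a valid FT1.2 variable-length frame."""


@dataclass(frozen=True)
class LinkProfile:
    """Field sizes in octets. They are fixed by configuration on each link and
    are not signalled in the frame, so both ends must agree on them."""
    link_addr: int = 1   # 0, 1 or 2
    cot: int = 1         # 1 or 2
    asdu_addr: int = 1   # 1 or 2
    ioa: int = 2         # 1, 2 or 3

    def __post_init__(self):
        allowed = {"link_addr": (0, 1, 2), "cot": (1, 2),
                   "asdu_addr": (1, 2), "ioa": (1, 2, 3)}
        for name, sizes in allowed.items():
            if getattr(self, name) not in sizes:
                raise ValueError(f"{name} must be one of {sizes}")


@dataclass(frozen=True)
class Frame:
    control: int
    link_address: int | None
    type_id: int
    sequence: bool          # SQ bit of the variable structure qualifier
    count: int              # number of information objects / elements
    cause: int              # low 6 bits of the first COT octet
    negative: bool          # P/N bit
    test: bool              # T bit
    originator: int | None  # second COT octet, when configured
    asdu_address: int
    first_ioa: int
    elements: bytes         # undecoded information elements (type dependent)


def checksum(user_data: bytes) -> int:
    """Arithmetic sum of the user data octets, modulo 256. It detects line
    errors only; it does not authenticate the sender or protect against replay."""
    return sum(user_data) & 0xFF


def parse_frame(raw: bytes, profile: LinkProfile = LinkProfile()) -> Frame:
    if len(raw) < 6:
        raise FrameError("too short for a variable-length frame")
    if raw[0] != START_VARIABLE or raw[3] != START_VARIABLE:
        raise FrameError("missing start character")
    if raw[1] != raw[2]:
        raise FrameError("length octets disagree")
    length = raw[1]
    if len(raw) != length + 6:  # 4 header octets + user data + checksum + stop
        raise FrameError("length field does not match octets received")
    if raw[-1] != STOP:
        raise FrameError("missing stop character")
    user = raw[4:4 + length]
    if checksum(user) != raw[-2]:
        raise FrameError("checksum mismatch")
    header = 1 + profile.link_addr + 2 + profile.cot + profile.asdu_addr + profile.ioa
    if length < header:
        raise FrameError("user data shorter than the configured header")

    pos = 1  # octet 0 is the control field

    def take(n: int) -> int:
        nonlocal pos
        value = int.from_bytes(user[pos:pos + n], "little")
        pos += n
        return value

    link = take(profile.link_addr) if profile.link_addr else None
    type_id, vsq, cot = take(1), take(1), take(profile.cot)
    asdu, ioa = take(profile.asdu_addr), take(profile.ioa)
    return Frame(control=user[0], link_address=link, type_id=type_id,
                 sequence=bool(vsq & 0x80), count=vsq & 0x7F,
                 cause=cot & 0x3F, negative=bool(cot & 0x40), test=bool(cot & 0x80),
                 originator=(cot >> 8) if profile.cot == 2 else None,
                 asdu_address=asdu, first_ioa=ioa, elements=user[pos:])


def rejection_reason(raw: bytes, profile: LinkProfile = LinkProfile()) -> str | None:
    """Return why a frame is rejected, or None when it parses cleanly."""
    try:
        parse_frame(raw, profile)
    except FrameError as exc:
        return str(exc)
    return None


# Constructed sample: type 1 (single indication), one object, spontaneous (COT 3),
# link address 1, ASDU address 1, information object address 100, one element octet.
SAMPLE = bytes.fromhex("68 09 09 68 08 01 01 01 03 01 64 00 01 74 16")

if __name__ == "__main__":
    print(parse_frame(SAMPLE))
```

Because the field sizes are not carried in the frame, a parser configured with the wrong `LinkProfile` will still accept a frame whose checksum is valid and will decode the addresses incorrectly unless the header no longer fits.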

Types supported

  • Single indication without / with 24 / with 56 bit timestamps.
  • Double indication without / with 24 / with 56 bit timestamps.
  • Step position information without / with 24 / with 56 bit timestamps.
  • Measured value – normalized, scaled, short floating point without / with timestamps.
  • Bitstring of 32 bit without / with timestamps.
  • Integrated totals (counters) without / with timestamps.
  • Packed events (start & tripping) of protection equipment
  • Single commands
  • Double commands
  • Regulating step command
  • Set point commands of various data formats
  • Bitstring commands
  • Interrogation commands
  • Clock synchronization & delay acquisition commands
  • Test & reset commands


IEC 60870-5-103

IEC 60870-5-103 [IEC103] is a standard for power system control and associated communications. It defines a companion standard that enables interoperability between protection equipment and devices of a control system in a substation. The device complying with this standard can send the information using two methods for data transfer - either using the explicitly specified application service data units (ASDU) or using generic services for transmission of all the possible information. The standard supports some specific protection functions and provides the vendor a facility to incorporate its own protective functions on private data ranges.

Frame format

IEC 103 uses FT1.2 (defined in IEC 60870-5-1) as its frame format, with the same options as IEC 101: frame with variable length, frame with fixed length, and single character. Single characters are used for acknowledgments, fixed length frames for commands, and variable length frames for sending data. However, the frame format of IEC 103 differs from IEC 101 in the information object address, which is split into function type (ftype) and information number (inumber) in IEC 103. Also, IEC 103 can have only a single information object in a frame, whereas IEC 101 can have multiple information objects. Many of the field sizes are also restricted in IEC 103. The details of the variable length frame are given below.

IEC 103 Frame Format, Variable length

| Data unit | Name | Function |
|---|---|---|
| Start Frame | Start Character | Indicates start of Frame |
| | Length Field (*2) | Total length of Frame |
| | Start Character (repeat) | Repeat provided for reliability |
| | Control Field | Indicates control functions like message direction |
| | Link Address (1 or 2) | Normally used as the device / station address |
| Data Unit Identifier | Type Identifier | Defines the data type which contains specific format of information objects |
| | Variable Structure Qualifier | Indicates whether type contains multiple information objects or not |
| | COT | Indicates causes of data transmissions like spontaneous or cyclic |
| | ASDU Address | Denotes separate segments and its address inside a device |
| Information Object | Function Type | Provides function type of the protection equipment used |
| | Information Number | Defines the information number within a given function type |
| | Information Elements (n) | Contains details of the information element depending on the type |
| Stop Frame | Checksum | Used for Error checks |
| | Stop Char | Indicates end of a frame |

Supported Types

  • Type 1 — Time-tagged message
  • Type 2 — Time-tagged message with relative time
  • Type 3 — Measurands I
  • Type 4 — Time-tagged measurands with relative time
  • Type 5 — Identification
  • Type 6 — Time synchronization
  • Type 7 — Start of General interrogation
  • Type 8 — General interrogation termination
  • Type 9 — Measurands II
  • Type 10 — Generic data
  • Type 11 — Generic identification
  • Type 23–31 — Used for transferring disturbance files

IEC 60870-5-104

The IEC 60870-5-104 (IEC 104) protocol is an extension of the IEC 101 protocol, with changes in the transport, network, link & physical layer services to suit complete network access. The standard uses an open TCP/IP interface to the network for connectivity to the LAN (local area network), and routers with different facilities (ISDN, X.25, Frame Relay etc.) can be used to connect to the wide area network (WAN). The application layer of IEC 104 is preserved the same as that of IEC 101, with some of the data types and facilities not used. There are two separate link layers defined in the standard, which are suitable for data transfer over Ethernet & serial line (PPP - Point-to-Point Protocol). The control field data of IEC104 contains various types of mechanisms for effective handling of network data synchronization.

The security of IEC 104 has, by design, been proven to be problematic,[2] as has that of many of the other SCADA protocols developed around the same time. The IEC technical committee (TC) 57 has published a security standard, IEC 62351, which implements encryption tunneling and network monitoring in an effort to address attacks such as packet replay and man-in-the-middle. However, due to the increase in complexity and cost, system owners are reluctant to roll this out on their networks.

References

  1. Gordon R. Clarke et al, Practical modern SCADA protocols: DNP3, 60870.5 and related systems, Newnes, 2004. ISBN 0-7506-5799-5.
  2. Maynard, Peter; McLaughlin, Kieran; Haberler, Berthold (11 September 2014). "Towards Understanding Man-In-The-Middle Attacks on IEC 60870-5-104 SCADA Networks". 2nd International Symposium for ICS & SCADA Cyber Security Research 2014: 30–42. doi:10.14236/ewic/ics-csr2014.5. ISBN 9781780172866. Retrieved 30 June 2015.