12 DNP 3.0

12.1 Introduction

DNP3 (Distributed Network Protocol) is a set of communications protocols used between components in process automation systems. Its main use is in utilities such as electric and water companies. It was developed for communications between various types of data acquisition and control equipment. It plays a crucial role in SCADA systems, where it is used by SCADA Master Stations (a.k.a. Control Centers), Remote Terminal Units (RTUs), and Intelligent Electronic Devices (IEDs). It is primarily used for communications between a master station and RTUs or IEDs. ICCP, the Inter­Control Center Communications Protocol (a part of IEC-60870­6), is used for inter­master station communications.

Elseta’s DNP3 stack has both Master and Slave protocols implemented. Both of them are able to serve multiple serial (over physical RS­485 line), TCP or TLS (over TCP) connections with high efficiency.

IEEE­1815 defines 4 subset levels (1­4) that consist of the objects and function codes that must be supported by the master and outstation. Levels 1­3 are supported fully and level 4 is supported partially. To get more information about how DNP3 works and what capabilities are supported one should get a copy of protocol specification and/or check Slave Interoperability List/Configuration guides for both Master and Slave protocols.

To set up TLS connection for both DNP3 Master and Slave, refer to sections Excel configuration and Certificates. All keys and certificates should be provided in the PEM format.

If no configuration is set up, DNP3 Master and Slave services are not started.

12.2 DNP 3.0 Master

Default group and variation sets are used to send commands. If slave devices support different groups and variations, they can be adjusted in Excel configuration. For more information check section Excel configuration.

Configuring datapoints

To use DNP3 Master in WCC Lite, it has to be configured via an Excel configuration. This configuration contains two Excel sheets where parameters have to be filled in ­Devices and Signals.

DNP3 Master parameters for Devices tab
Parameter

Type

Description

Required

Default Value

(when not specified)

Range

TCP/

TLS

Serial Min Max
name string  User-friendly device name Yes Yes

 



description string Description of a device No No

 



device_alias string Alphanumeric string to identify a device Yes Yes


enable boolean Enabling/disabling of a device No No 1 0 1
protocol string Protocol to be used (”dnp3 serial”/”dnp3 tcp” (case insensitive)) Yes Yes
DNP3 TCP, DNP3 serial
mode string Choosing between TCP, TLS and SERIAL modes . If protocol provided DNP3 TCP mode defaults to tcp and if DNP3 serial is provided mode defaults to serial No No

TCP (for DNP3 TCP)

SERIAL

(for DNP3 serial)

TCP, TLS (for DNP3 TCP)

SERIAL (for DNP3 serial)

host string IP address of TCP slave device Yes -


bind_address  string IP address of network adapter used to connect to slave device No No 0.0.0.0

port integer TCP communication port No No 20000

device integer Communication port (”PORT1” or ”PORT2”) - Yes


baudrate integer Communication speed, bauds/s - No 9600 300, 600, 1200, 2400, 4800, 9600, 19200, 38400, 57600,115200
databits integer Data bit count for communication - No 8 6 9
stopbits integer Stop bit count for communication - No 1 1 2
parity string Communication parity option - No none none, even, odd
flowcontrol string Communication device flow control option.  - No none none
tls boolean Enable/disable use of TLS

Yes (for
TLS)
- 0 0 1
tls_local_certificate string Local certificate for TLS connection Yes (for TLS) -


tls_peer_certificate string Certificate authority file for TLS connection No (for
TLS)
-


tls_private_key string File consisting of private key for TLS connection No (for
TLS)
-


max_rx_frag_size integer Maximum size of a received fragment. No No 2048 0 2048
destination_address integer Address of a master station No No 1 0 65535
source_address integer Address of a slave (local) station. No No 1 0 65535
unsol_classes string Defines which classes will have unsolicited actions on startup. (Example: "1,3,2") No No no class 1 3
unsol_disable bool Disables unsolicited messages on startup. The parameter is going to be ignored if unsol_classes parameter has any values assigned. No No 0 0 1
groups_scan_mask integer Bitmask for enabling separate
group scans with x06 qualifier (all objects). The parameter value is converted into a binary number where each bit stands for a separate group. Bits indexes and the groups that the represent:
0 -­ Binary,
1 ­- Double­bit Binary,
2 ­- Binary Output Status,
3 ­- Counter,
4 ­- Frozen Counter,
5 ­- Analog,
6 ­- Analog Output Status,
7 ­- Octet String

(Example: 115 (0111 0011) will trigger data polls for signals whose types are - Binary, Double­bit Binary, Frozen Counter, Analog, Analog Output Status)
No No 0 0 255
groups_scan_interval

integer,

string

Time between separate groups scans intervals in seconds. Set to 0 to disable. No No 0 0
exception_scan_interval

integer,

string

Time between exception scan (classes 1,2,3) intervals in seconds. Set to 0 to disable. No No 0 0
integrity_scan_interval

integer,

string

Time between integrity scan (classes 0,1,2,3) intervals in seconds (general interrogation). Set to 0 to disable. No No 0 0
timesync_mode string Will override masters default setting for choosing timesync procedure No No

NON-LAN (for Serial)

LAN (for tcp)

LAN, NON-LAN

time_sync_interval_sec

integer,

string

Periodic time sync interval in seconds.

If > 0 ­- time syncs are forced and periodic.

If = 0 ­- time syncs react to IIN bits from slave.

If < 0 -­ time syncs are disabled.

No No


select_ms integer Select command timeout. Valid for all signals. No No 10000

timeout_ms integer Response timeout in milliseconds

No

No 2000

keep_alive_timeout integer Time interval for sending a keep alive
packet in milliseconds.
No - 60

 DNP3 Master parameters for Signals tab
Parameter

Type

Description

Required

Default Value

(when not specified)

Range

TCP RTU Min Max
signal_name string User-friendly signal name Yes Yes

 



device_alias string Device alias from a Devices tab Yes Yes


signal_alias
string
Unique alphanumeric name of the signal to be used Yes Yes


enable boolean Enabling/disabling a device No No 1 0 1
index integer Index of a signal. Yes Yes
0 65535
log boolean Enable logging in the event log No No 0 0 1
signal_type string DNP3 signal type. (case
insensitive)

Yes Yes

”binary”,

”doublebitbinary”,

”binaryoutputstatus”,

”binaryoutputcommand”,

”counter”,

”frozencounter”,
”analog”,
”analogoutputstatus”,

”analogoutputcommand”,

”timeandinterval”,
”octetstring”

command_variation integer

DNP3 command variation.
Supported variations depend on signal type and are provided in the table below

No No 1 0 4
static_variation integer DNP3 command variation (). Supported variations depend
on signal type and are provided in the table below.
No No
0, 1, 2, 3, 4, 5, 6, 9, 10
event_variation integer DNP3 command variation. Supported variations depend on signal type and are provided in the table below.

No

No
0 8
control_code
string

DNP3 control model code of CROB signal. TripClose and Pulse control model requires PulseOn/off times to be set

Yes Yes
LATCH, PULSE, TRIPCLOSE
pulse_on_time_ms integer Pulse ON time in milliseconds, when using Pulse or TripClose control models must be set Yes Yes


pulse_off_time_ms integer Pulse OFF time in milliseconds, when using Pulse or TripClose control models must be set Yes Yes


class_num integer Class assignment of the signal. No No 0 0 3
operate_type integer

Default command behaviour. IF selected

”­-1” ­- DirectOperateNoAck (FC=6),

”0” - DirectOperate (FC=5),

"1" - SelectBeforeOperate (FC=3).

No No 1 -1 1
job_todo string The device status signal can be configured by providing one of the given values.

No No

communication_status,
device_running,
device_error,
unknown_error

Device status signals

To configure any device status signal for DNP3 protocol additional job_todo column is required.  For DNP3 master required parameters for status signal will be: signal_name, device_alias, signal_alias, index, signal_type, event_variation (1,2 or 3) and job_todo. There are 4 possible signals: communication_status, device_running, device_error, uknown_error. Each signal has 4 possible values and are based on the same logic. If signal returns value of 0, it means unknown error has appeared, 1 – device or protocol connection is on and working properly, 2 – device is off or protocol is disconnected, 3 – error or service is down.

Command variations
Signal Type Available Command Variation Default Command Variation
Binary Output Command (Group12) 0, 1 1
Analog Output Command (Group41) 0, 1, 2, 3, 4 1

Static and Event variations
Signal Type Available Variations Default Variations
Binary Static variation (Group1) 1, 2
Event variation (Group2) 1, 2, 3
Static variation 2
Event variation 1
Double Binary Static variation (Group3) 2
Event variation (Group4) 1, 2, 3
Static variation 2
Event variation 1
Binary Output Status Static variation (Group10) 1, 2
Event variation (Group11) 1, 2
Static variation 2
Event variation 1
Counter Static variation (Group20) 1, 2, 5, 6
Event variation (Group22) 1, 2, 5, 6
Static variation 1
Event variation 1
Frozen Counter Static variations (Group21) 1, 2, 5, 6, 9,10
Event variation (Group23) 1, 2, 5, 6
Static variation 1
Event variation 1
Analog Static variation (Group30) 1, 2, 3, 4, 5, 6
Event variation (Group32) 1, 2, 3, 4, 5, 6, 7, 8
Static variation 1
Event variation 1
Analog Output Status Static variation (Group40) 1, 2, 3, 4
Event variation (Group42) 1, 2, 3, 4, 5, 6, 7, 8
Static variation 1
Event variation 1
Time and Interval Static variation (Group50) 1 Static variation 1
Octet String Static variation (Group110) 0
Event variation (Group111) 0
Static variation 0
Event variation 0

Debugging the DNP3 Master service

If configuration for DNP3 devices is set up, handler for protocol will start automatically. If configuration is missing or contains errors, protocol will not start. It is done intentionally decrease unnecessary memory usage.

DNP3 protocol runs a service called dnp3-­master. If DNP3 does not work properly (e.g. no communication between devices, data is corrupted, etc.), a user can launch a debug session from command line interface and find out why link is not functioning properly. To launch a debugging session, a user should stop dnp3-­master process and run dnp3-m­aster command with respective flags as in the table given below.

Procedure for DNP3 Master protocol service debugging:

dnp3­-master command line debugging options

Option  Description
­-h [ –help ]  Display help information
­-V [ –version ]  Show version
-p [ –port ] ­Show output for one port only
­-d <debug level> Set debugging level
-­c [ –config ]  Config path
-­a [ –app ] Show application layer data
–l [ –link ]  Show link layer data
–t [ –transport ]  Show transport layer data
-­r [ –redis ]  Show Redis messages
-­R [ –readyfile ]  Ready notification file

12.3 DNP 3.0 Slave

Default group and variation sets are used to send static and event values. If master devices support different groups and variations, they can be adjusted in Excel configuration. WCC Lite supported variations are provided in Static and Event variations and Command variations.

DNP3 Slave parameters for Devices tab
Parameter

Type

Description

Required

Default Value

(when not specified)

Range

TCP/

TLS

RTU Min Max
name string  User-friendly device name Yes Yes

 



description string Description of a device No No

 



device_alias string Alphanumeric string to identify a device Yes Yes


enable boolean Enabling/disabling of a device No No 1 0 1
protocol string Protocol to be used. Yes Yes

dnp3 tcp slave

dnp3 serial slave

mode string Choosing between TCP, TLS and SERIAL modes. If protocol provided DNP3 TCP mode defaults to tcp and if DNP3 serial is provided mode defaults to SERIAL No No TCP or SERIAL TCP, SERIAL, TLS
host string IP address of TCP slave device Yes -


bind_address  string IP address of network adapter used to connect to slave device No  - 0.0.0.0

port integer TCP communication port No  - 20000

device string Communication port (”PORT1” or ”PORT2”) - Yes


baudrate integer Communication speed, bauds/s - No 9600 300, 600, 1200, 2400, 4800, 9600, 19200, 38400, 57600,115200
databits integer Data bit count for communication - No 8 6 9
stopbits integer Stop bit count for communication - No 1 1 2
parity string Communication parity option - No none none, even, odd
flowcontrol string Communication device flow control option.  - No none none
tls boolean Enable/disable use of TLS

Yes (for
TLS)
- 0 0 1
tls_local_certificate string Local certificate for TLS connection Yes (for TLS) -


tls_peer_certificate string Certificate authority file for TLS connection No (for
TLS)
-


tls_private_key string File consisting of private key for TLS connection No (for
TLS)
-


max_tx_frag_size integer Maximum size of a received fragment. No No 2048 0 2048
destination_address integer Address of a master station No No 1 0 65535
source_address integer Address of a slave (local) station. No No 1 0 65535
unsol_classes string Defines which classes will have unsolicited actions on startup. (Example: "1,3,2") No No no class 1 3

time_sync_interval_sec

integer,

string

Periodic time sync interval in seconds.

If 0 < ­- time syncs are forced and periodic.

If = 0 ­- time syncs react to IIN bits from slave.

If < 0 -­ time syncs are disabled.

No No 0 0
select_ms integer Select command timeout. Valid for all signals. No No 10000

timeout_ms integer Response timeout in milliseconds

No

No 2000

keep_alive_timeout integer Time interval for sending a keep alive
packet in milliseconds.
No No 60

DNP3 Slave parameters for Signals tab
Parameter

Type

Description

Required

Default Value

(when not specified)

Range

TCP RTU Min Max
signal_name string User-friendly signal name Yes Yes

 



device_alias string Device alias from a Devices tab Yes Yes


signal_alias
string
Unique alphanumeric name of the signal to be used Yes Yes


enable boolean Enabling/disabling of a device No No 1 0 1
index integer Index of a signal. Yes Yes
0 65535
log bolean Enable logging in event log No No 0 0
deadband integer, string Deadband for Analog, Analog Output Status, Counter, Frozen Counter signals. No No 0

signal_type string DNP3 signal type. (case
insensitive)

Yes Yes

”binary”,

”doublebitbinary”,

”binaryoutputstatus”,

”binaryoutputcommand”,

”counter”,

”frozencounter”,
”analog”,
”analogoutputstatus”,

”analogoutputcommand”,

”timeandinterval”,
”octetstring”

command_variation integer

DNP3 command variation. Supported variations depend on signal type and are provided in table below

No No 1 0 4
static_variation integer Override default signal’s static variation. Valid for Status mode signals. No No
0, 1, 2, 3, 4, 5, 6, 9, 10
event_variation integer

Override default signal’s event variation. Valid for Status mode signals.

No

No
0 8
control_code
string

DNP3 control model code of CROB signal. TripClose and Pulse  controlmodel requires PulseOn/off times to be set

Yes Yes
LATCH, PULSE, TRIPCLOSE
pulse_on_time_ms integer Pulse ON time in milliseconds, when using Pulse or TripClose control models must be set Yes Yes


pulse_off_time_ms integer Pulse OFF time in milliseconds, when using Pulse or TripClose control models must be set Yes Yes


class_num integer Class assignment of this signal. No No 0 0 3
operate_type integer

Default command behaviour.

If selected:

”­-1” ­- DirectOperateNoAck (FC=6),

”0” - DirectOperate (FC=5),

"1" -­ SelectBeforeOperate (FC=3).

No No 1 -1 1
job_todo string Device status signal can be configured by providing one of the given values.

No No

communication_status,
device_running,
device_error,
unknown_error

Device status signals
 

To configure any device status signal for DNP3 protocol additional job_todo column is required. For DNP3 slave required parameters for status signal will be: signal_name, device_alias, signal_alias, index, signal_type, event_variation (1,2 or 3) and job_todo. There are 4 possible signals: communication_status, device_running, device_error, uknown_error. Each signal has 4 possible values and are based on the same logic. If signal returns value of 0, it means unknown error has appeared, 1 – device or protocol connection is on and working properly, 2 – device is off or protocol is disconnected, 3 – error or service is down.

Command variations
Signal Type Available Command Variation Default Command Variation
Binary Output Command (Group12) 0, 1 1
Analog Output Command (Group41) 0, 1, 2, 3, 4 1
Static and Event variations
Signal Type Available Variations Default Variations
Binary Static variation (Group1) 1, 2
Event variation (Group2) 1, 2, 3
Static variation 2
Event variation 1
Double Binary Static variation (Group3) 2
Event variation (Group4) 1, 2, 3
Static variation 2
Event variation 1
Binary Output Status Static variation (Group10) 2
Event variation (Group11) 1, 2
Static variation 2
Event variation 1
Counter Static variation (Group20) 1, 2, 5, 6
Event variation (Group22) 1, 2, 5, 6
Static variation 1
Event variation 1
Frozen Counter Static variations (Group21) 1, 2, 5, 6, 9,10
Event variation (Group23) 1, 2, 5, 6
Static variation 1
Event variation 1
Analog Static variation (Group30) 1, 2, 3, 4, 5, 6
Event variation (Group32) 1, 2, 3, 4, 5, 6, 7, 8
Static variation 1
Event variation 1
Analog Output Status Static variation (Group40) 1, 2, 3, 4
Event variation (Group42) 1, 2, 3, 4, 5, 6, 7, 8
Static variation 1
Event variation 1
Time and Interval Static variation (Group50) 1 Static variation 1
Octet String Static variation (Group110) 0
Event variation (Group111) 0
Static variation 0
Event variation 0

Debugging the DNP3 Slave service

If configuration for DNP3 devices is set up, handler for protocol will start automatically. If configuration is missing or contains errors, protocol will not start. It is done intentionally decrease unnecessary memory usage.

DNP3 protocol runs a service called dnp3-­slave . If DNP3 does not work properly (e.g. no communication between devices, data is corrupted, etc.), a user can launch a debug session from command line interface and find out why link is not functioning properly. To launch a debugging session, a user should stop dnp3-­slave process and run dnp3-slave command with respective flags as in the table given below.

Procedure for DNP3 Master protocol service debugging:

dnp3­-slave command line debugging options

Option  Description
­-h [ –help ]  Display help information
­-V [ –version ]  Show version
-p [ –port ] ­Show output for one port only
­-d <debug level> Set debugging level
-­c [ –config ]  Config path
-­a [ –app ] Show application layer data
–l [ –link ]  Show link layer data
–t [ –transport ]  Show transport layer data
-­r [ –redis ]  Show Redis messages
-­R [ –readyfile ]  Ready notification file