12 DNP 3.0
12.1 Introduction
DNP3 (Distributed Network Protocol) is a set of communications protocols used between components in process automation systems. Its main use is in utilities such as electric and water companies. It was developed for communications between various types of data acquisition and control equipment. It plays a crucial role in SCADA systems, where it is used by SCADA Master Stations (a.k.a. Control Centers), Remote Terminal Units (RTUs), and Intelligent Electronic Devices (IEDs). It is primarily used for communications between a master station and RTUs or IEDs. ICCP, the InterControl Center Communications Protocol (a part of IEC-608706), is used for intermaster station communications.
Elseta’s DNP3 stack has both Master and Slave protocols implemented. Both of them are able to serve multiple serial (over physical RS485 line), TCP or TLS (over TCP) connections with high efficiency.
IEEE1815 defines 4 subset levels (14) that consist of the objects and function codes that must be supported by the master and outstation. Levels 13 are supported fully and level 4 is supported partially. To get more information about how DNP3 works and what capabilities are supported one should get a copy of protocol specification and/or check Slave Interoperability List/Configuration guides for both Master and Slave protocols.
To set up TLS connection for both DNP3 Master and Slave, refer to sections Excel configuration and Certificates. All keys and certificates should be provided in the PEM format.
If no configuration is set up, DNP3 Master and Slave services are not started.
12.2 DNP 3.0 Master
Default group and variation sets are used to send commands. If slave devices support different groups and variations, they can be adjusted in Excel configuration. For more information check section Excel configuration.
Configuring datapoints
To use DNP3 Master in WCC Lite, it has to be configured via an Excel configuration. This configuration contains two Excel sheets where parameters have to be filled in Devices and Signals.
DNP3 Master parameters for Devices tab
Parameter |
Type |
Description |
Required |
Default Value (when not specified) |
Range |
||
---|---|---|---|---|---|---|---|
TCP/ TLS |
Serial | Min | Max | ||||
name | string | User-friendly device name | Yes | Yes |
|
|
|
description | string | Description of a device | No | No |
|
|
|
device_alias | string | Alphanumeric string to identify a device | Yes | Yes | |||
enable | boolean | Enabling/disabling of a device | No | No | 1 | 0 | 1 |
protocol | string | Protocol to be used (”dnp3 serial”/”dnp3 tcp” (case insensitive)) | Yes | Yes | DNP3 TCP, DNP3 serial | ||
mode | string | Choosing between TCP, TLS and SERIAL modes . If protocol provided DNP3 TCP mode defaults to tcp and if DNP3 serial is provided mode defaults to serial | No | No |
TCP (for DNP3 TCP) SERIAL (for DNP3 serial) |
TCP, TLS (for DNP3 TCP) SERIAL (for DNP3 serial) |
|
host | string | IP address of TCP slave device | Yes | - | |||
bind_address | string | IP address of network adapter used to connect to slave device | No | No | 0.0.0.0 | ||
port | integer | TCP communication port | No | No | 20000 | ||
device | integer | Communication port (”PORT1” or ”PORT2”) | - | Yes | |||
baudrate | integer | Communication speed, bauds/s | - | No | 9600 | 300, 600, 1200, 2400, 4800, 9600, 19200, 38400, 57600,115200 | |
databits | integer | Data bit count for communication | - | No | 8 | 6 | 9 |
stopbits | integer | Stop bit count for communication | - | No | 1 | 1 | 2 |
parity | string | Communication parity option | - | No | none | none, even, odd | |
flowcontrol | string | Communication device flow control option. | - | No | none | none | |
tls | boolean | Enable/disable use of TLS |
Yes (for TLS) |
- | 0 | 0 | 1 |
tls_local_certificate | string | Local certificate for TLS connection | Yes (for TLS) | - | |||
tls_peer_certificate | string | Certificate authority file for TLS connection | No (for TLS) |
- | |||
tls_private_key | string | File consisting of private key for TLS connection | No (for TLS) |
- | |||
max_rx_frag_size | integer | Maximum size of a received fragment. | No | No | 2048 | 0 | 2048 |
destination_address | integer | Address of a master station | No | No | 1 | 0 | 65535 |
source_address | integer | Address of a slave (local) station. | No | No | 1 | 0 | 65535 |
unsol_classes | string | Defines which classes will have unsolicited actions on startup. (Example: "1,3,2") | No | No | no class | 1 | 3 |
unsol_disable | bool | Disables unsolicited messages on startup. The parameter is going to be ignored if unsol_classes parameter has any values assigned. | No | No | 0 | 0 | 1 |
groups_scan_mask | integer | Bitmask for enabling separate group scans with x06 qualifier (all objects). The parameter value is converted into a binary number where each bit stands for a separate group. Bits indexes and the groups that the represent: 0 - Binary, 1 - Doublebit Binary, 2 - Binary Output Status, 3 - Counter, 4 - Frozen Counter, 5 - Analog, 6 - Analog Output Status, 7 - Octet String (Example: 115 (0111 0011) will trigger data polls for signals whose types are - Binary, Doublebit Binary, Frozen Counter, Analog, Analog Output Status) |
No | No | 0 | 0 | 255 |
groups_scan_interval |
integer, string |
Time between separate groups scans intervals in seconds. Set to 0 to disable. | No | No | 0 | 0 | |
exception_scan_interval |
integer, string |
Time between exception scan (classes 1,2,3) intervals in seconds. Set to 0 to disable. | No | No | 0 | 0 | |
integrity_scan_interval |
integer, string |
Time between integrity scan (classes 0,1,2,3) intervals in seconds (general interrogation). Set to 0 to disable. | No | No | 0 | 0 | |
timesync_mode | string | Will override masters default setting for choosing timesync procedure | No | No |
NON-LAN (for Serial) LAN (for tcp) |
LAN, NON-LAN |
|
time_sync_interval_sec |
integer, string |
Periodic time sync interval in seconds. If > 0 - time syncs are forced and periodic. If = 0 - time syncs react to IIN bits from slave. If < 0 - time syncs are disabled. |
No | No | |||
select_ms | integer | Select command timeout. Valid for all signals. | No | No | 10000 | ||
timeout_ms | integer | Response timeout in milliseconds |
No |
No | 2000 | ||
keep_alive_timeout | integer | Time interval for sending a keep alive packet in milliseconds. |
No | - | 60 |
DNP3 Master parameters for Signals tab
Parameter |
Type |
Description |
Required |
Default Value (when not specified) |
Range |
||
---|---|---|---|---|---|---|---|
TCP | RTU | Min | Max | ||||
signal_name | string | User-friendly signal name | Yes | Yes |
|
|
|
device_alias | string | Device alias from a Devices tab | Yes | Yes | |||
signal_alias |
string
|
Unique alphanumeric name of the signal to be used | Yes | Yes | |||
enable | boolean | Enabling/disabling a device | No | No | 1 | 0 | 1 |
index | integer | Index of a signal. | Yes | Yes | 0 | 65535 | |
log | boolean | Enable logging in the event log | No | No | 0 | 0 | 1 |
signal_type | string | DNP3 signal type. (case insensitive) |
Yes | Yes |
”binary”, ”doublebitbinary”, ”binaryoutputstatus”, ”binaryoutputcommand”, ”counter”, ”frozencounter”, ”analogoutputcommand”, ”timeandinterval”, |
||
command_variation | integer |
DNP3 command variation. |
No | No | 1 | 0 | 4 |
static_variation | integer | DNP3 command variation (). Supported variations depend on signal type and are provided in the table below. |
No | No | 0, 1, 2, 3, 4, 5, 6, 9, 10 | ||
event_variation | integer | DNP3 command variation. Supported variations depend on signal type and are provided in the table below. |
No |
No | 0 | 8 | |
control_code |
string
|
DNP3 control model code of CROB signal. TripClose and Pulse control model requires PulseOn/off times to be set |
Yes | Yes | LATCH, PULSE, TRIPCLOSE | ||
pulse_on_time_ms | integer | Pulse ON time in milliseconds, when using Pulse or TripClose control models must be set | Yes | Yes | |||
pulse_off_time_ms | integer | Pulse OFF time in milliseconds, when using Pulse or TripClose control models must be set | Yes | Yes | |||
class_num | integer | Class assignment of the signal. | No | No | 0 | 0 | 3 |
operate_type | integer |
Default command behaviour. IF selected ”-1” - DirectOperateNoAck (FC=6), ”0” - DirectOperate (FC=5), "1" - SelectBeforeOperate (FC=3). |
No | No | 1 | -1 | 1 |
job_todo | string | The device status signal can be configured by providing one of the given values. |
No | No |
communication_status, |
Device status signals
To configure any device status signal for DNP3 protocol additional job_todo column is required. For DNP3 master required parameters for status signal will be: signal_name, device_alias, signal_alias, index, signal_type, event_variation (1,2 or 3) and job_todo. There are 4 possible signals: communication_status, device_running, device_error, uknown_error. Each signal has 4 possible values and are based on the same logic. If signal returns value of 0, it means unknown error has appeared, 1 – device or protocol connection is on and working properly, 2 – device is off or protocol is disconnected, 3 – error or service is down.
Command variations
Signal Type | Available Command Variation | Default Command Variation |
Binary Output Command (Group12) | 0, 1 | 1 |
Analog Output Command (Group41) | 0, 1, 2, 3, 4 | 1 |
Static and Event variations
Signal Type | Available Variations | Default Variations |
Binary | Static variation (Group1) 1, 2 Event variation (Group2) 1, 2, 3 |
Static variation 2 Event variation 1 |
Double Binary | Static variation (Group3) 2 Event variation (Group4) 1, 2, 3 |
Static variation 2 Event variation 1 |
Binary Output Status | Static variation (Group10) 1, 2 Event variation (Group11) 1, 2 |
Static variation 2 Event variation 1 |
Counter | Static variation (Group20) 1, 2, 5, 6 Event variation (Group22) 1, 2, 5, 6 |
Static variation 1 Event variation 1 |
Frozen Counter | Static variations (Group21) 1, 2, 5, 6, 9,10 Event variation (Group23) 1, 2, 5, 6 |
Static variation 1 Event variation 1 |
Analog | Static variation (Group30) 1, 2, 3, 4, 5, 6 Event variation (Group32) 1, 2, 3, 4, 5, 6, 7, 8 |
Static variation 1 Event variation 1 |
Analog Output Status | Static variation (Group40) 1, 2, 3, 4 Event variation (Group42) 1, 2, 3, 4, 5, 6, 7, 8 |
Static variation 1 Event variation 1 |
Time and Interval | Static variation (Group50) 1 | Static variation 1 |
Octet String | Static variation (Group110) 0 Event variation (Group111) 0 |
Static variation 0 Event variation 0 |
Debugging the DNP3 Master service
If configuration for DNP3 devices is set up, handler for protocol will start automatically. If configuration is missing or contains errors, protocol will not start. It is done intentionally decrease unnecessary memory usage.
DNP3 protocol runs a service called dnp3-master. If DNP3 does not work properly (e.g. no communication between devices, data is corrupted, etc.), a user can launch a debug session from command line interface and find out why link is not functioning properly. To launch a debugging session, a user should stop dnp3-master process and run dnp3-master command with respective flags as in the table given below.
Procedure for DNP3 Master protocol service debugging:
- Step 1: Service must be stopped by entering the following command into the wcclite:
/etc/init.d/dnp3-master stop - Step 2: After service is stopped it must be started with the preferred configuration file (JSON files found in /etc/ folder) and a debug level 7: dnp3-master -c /etc/dnp3-master/dnp3master.json -d7Additional output forming options described in the table below.
- Step 3: Once the problem is diagnosed normal operations can be resumed with the following command: /etc/init.d/dnp3-master start
dnp3-master command line debugging options
Option | Description |
-h [ –help ] | Display help information |
-V [ –version ] | Show version |
-p [ –port ] | Show output for one port only |
-d <debug level> | Set debugging level |
-c [ –config ] | Config path |
-a [ –app ] | Show application layer data |
–l [ –link ] | Show link layer data |
–t [ –transport ] | Show transport layer data |
-r [ –redis ] | Show Redis messages |
-R [ –readyfile ] | Ready notification file |
12.3 DNP 3.0 Slave
Default group and variation sets are used to send static and event values. If master devices support different groups and variations, they can be adjusted in Excel configuration. WCC Lite supported variations are provided in Static and Event variations and Command variations.
DNP3 Slave parameters for Devices tab
Parameter |
Type |
Description |
Required |
Default Value (when not specified) |
Range |
||
---|---|---|---|---|---|---|---|
TCP/ TLS |
RTU | Min | Max | ||||
name | string | User-friendly device name | Yes | Yes |
|
|
|
description | string | Description of a device | No | No |
|
|
|
device_alias | string | Alphanumeric string to identify a device | Yes | Yes | |||
enable | boolean | Enabling/disabling of a device | No | No | 1 | 0 | 1 |
protocol | string | Protocol to be used. | Yes | Yes |
dnp3 tcp slave dnp3 serial slave |
||
mode | string | Choosing between TCP, TLS and SERIAL modes. If protocol provided DNP3 TCP mode defaults to tcp and if DNP3 serial is provided mode defaults to SERIAL | No | No | TCP or SERIAL | TCP, SERIAL, TLS | |
host | string | IP address of TCP slave device | Yes | - | |||
bind_address | string | IP address of network adapter used to connect to slave device | No | - | 0.0.0.0 | ||
port | integer | TCP communication port | No | - | 20000 | ||
device | string | Communication port (”PORT1” or ”PORT2”) | - | Yes | |||
baudrate | integer | Communication speed, bauds/s | - | No | 9600 | 300, 600, 1200, 2400, 4800, 9600, 19200, 38400, 57600,115200 | |
databits | integer | Data bit count for communication | - | No | 8 | 6 | 9 |
stopbits | integer | Stop bit count for communication | - | No | 1 | 1 | 2 |
parity | string | Communication parity option | - | No | none | none, even, odd | |
flowcontrol | string | Communication device flow control option. | - | No | none | none | |
tls | boolean | Enable/disable use of TLS |
Yes (for TLS) |
- | 0 | 0 | 1 |
tls_local_certificate | string | Local certificate for TLS connection | Yes (for TLS) | - | |||
tls_peer_certificate | string | Certificate authority file for TLS connection | No (for TLS) |
- | |||
tls_private_key | string | File consisting of private key for TLS connection | No (for TLS) |
- | |||
max_tx_frag_size | integer | Maximum size of a received fragment. | No | No | 2048 | 0 | 2048 |
destination_address | integer | Address of a master station | No | No | 1 | 0 | 65535 |
source_address | integer | Address of a slave (local) station. | No | No | 1 | 0 | 65535 |
unsol_classes | string | Defines which classes will have unsolicited actions on startup. (Example: "1,3,2") | No | No | no class | 1 | 3 |
time_sync_interval_sec |
integer, string |
Periodic time sync interval in seconds. If 0 < - time syncs are forced and periodic. If = 0 - time syncs react to IIN bits from slave. If < 0 - time syncs are disabled. |
No | No | 0 | 0 | |
select_ms | integer | Select command timeout. Valid for all signals. | No | No | 10000 | ||
timeout_ms | integer | Response timeout in milliseconds |
No |
No | 2000 | ||
keep_alive_timeout | integer | Time interval for sending a keep alive packet in milliseconds. |
No | No | 60 |
DNP3 Slave parameters for Signals tab
Parameter |
Type |
Description |
Required |
Default Value (when not specified) |
Range |
||
---|---|---|---|---|---|---|---|
TCP | RTU | Min | Max | ||||
signal_name | string | User-friendly signal name | Yes | Yes |
|
|
|
device_alias | string | Device alias from a Devices tab | Yes | Yes | |||
signal_alias |
string
|
Unique alphanumeric name of the signal to be used | Yes | Yes | |||
enable | boolean | Enabling/disabling of a device | No | No | 1 | 0 | 1 |
index | integer | Index of a signal. | Yes | Yes | 0 | 65535 | |
log | bolean | Enable logging in event log | No | No | 0 | 0 | |
deadband | integer, string | Deadband for Analog, Analog Output Status, Counter, Frozen Counter signals. | No | No | 0 | ||
signal_type | string | DNP3 signal type. (case insensitive) |
Yes | Yes |
”binary”, ”doublebitbinary”, ”binaryoutputstatus”, ”binaryoutputcommand”, ”counter”, ”frozencounter”, ”analogoutputcommand”, ”timeandinterval”, |
||
command_variation | integer |
DNP3 command variation. Supported variations depend on signal type and are provided in table below |
No | No | 1 | 0 | 4 |
static_variation | integer | Override default signal’s static variation. Valid for Status mode signals. | No | No | 0, 1, 2, 3, 4, 5, 6, 9, 10 | ||
event_variation | integer |
Override default signal’s event variation. Valid for Status mode signals. |
No |
No | 0 | 8 | |
control_code |
string
|
DNP3 control model code of CROB signal. TripClose and Pulse controlmodel requires PulseOn/off times to be set |
Yes | Yes | LATCH, PULSE, TRIPCLOSE | ||
pulse_on_time_ms | integer | Pulse ON time in milliseconds, when using Pulse or TripClose control models must be set | Yes | Yes | |||
pulse_off_time_ms | integer | Pulse OFF time in milliseconds, when using Pulse or TripClose control models must be set | Yes | Yes | |||
class_num | integer | Class assignment of this signal. | No | No | 0 | 0 | 3 |
operate_type | integer |
Default command behaviour. If selected: ”-1” - DirectOperateNoAck (FC=6), ”0” - DirectOperate (FC=5), "1" - SelectBeforeOperate (FC=3). |
No | No | 1 | -1 | 1 |
job_todo | string | Device status signal can be configured by providing one of the given values. |
No | No |
communication_status, |
Device status signals
To configure any device status signal for DNP3 protocol additional job_todo column is required. For DNP3 slave required parameters for status signal will be: signal_name, device_alias, signal_alias, index, signal_type, event_variation (1,2 or 3) and job_todo. There are 4 possible signals: communication_status, device_running, device_error, uknown_error. Each signal has 4 possible values and are based on the same logic. If signal returns value of 0, it means unknown error has appeared, 1 – device or protocol connection is on and working properly, 2 – device is off or protocol is disconnected, 3 – error or service is down.
Command variations
Signal Type | Available Command Variation | Default Command Variation |
Binary Output Command (Group12) | 0, 1 | 1 |
Analog Output Command (Group41) | 0, 1, 2, 3, 4 | 1 |
Static and Event variations
Signal Type | Available Variations | Default Variations |
Binary | Static variation (Group1) 1, 2 Event variation (Group2) 1, 2, 3 |
Static variation 2 Event variation 1 |
Double Binary | Static variation (Group3) 2 Event variation (Group4) 1, 2, 3 |
Static variation 2 Event variation 1 |
Binary Output Status | Static variation (Group10) 2 Event variation (Group11) 1, 2 |
Static variation 2 Event variation 1 |
Counter | Static variation (Group20) 1, 2, 5, 6 Event variation (Group22) 1, 2, 5, 6 |
Static variation 1 Event variation 1 |
Frozen Counter | Static variations (Group21) 1, 2, 5, 6, 9,10 Event variation (Group23) 1, 2, 5, 6 |
Static variation 1 Event variation 1 |
Analog | Static variation (Group30) 1, 2, 3, 4, 5, 6 Event variation (Group32) 1, 2, 3, 4, 5, 6, 7, 8 |
Static variation 1 Event variation 1 |
Analog Output Status | Static variation (Group40) 1, 2, 3, 4 Event variation (Group42) 1, 2, 3, 4, 5, 6, 7, 8 |
Static variation 1 Event variation 1 |
Time and Interval | Static variation (Group50) 1 | Static variation 1 |
Octet String | Static variation (Group110) 0 Event variation (Group111) 0 |
Static variation 0 Event variation 0 |
Debugging the DNP3 Slave service
If configuration for DNP3 devices is set up, handler for protocol will start automatically. If configuration is missing or contains errors, protocol will not start. It is done intentionally decrease unnecessary memory usage.
DNP3 protocol runs a service called dnp3-slave . If DNP3 does not work properly (e.g. no communication between devices, data is corrupted, etc.), a user can launch a debug session from command line interface and find out why link is not functioning properly. To launch a debugging session, a user should stop dnp3-slave process and run dnp3-slave command with respective flags as in the table given below.
Procedure for DNP3 Master protocol service debugging:
- Step 1: Service must be stopped by entering the following command into the wcclite:
/etc/init.d/dnp3-slave stop - Step 2: After service is stopped it must be started with the preferred configuration file (JSON files found in /etc/ folder) and a debug level 7: dnp3-slave -c /etc/dnp3-slave/dnp3slave.json -d7 Additional output forming options described in the table below.
- Step 3: Once the problem is diagnosed normal operations can be resumed with the following command: /etc/init.d/dnp3-slave start
dnp3-slave command line debugging options
Option | Description |
-h [ –help ] | Display help information |
-V [ –version ] | Show version |
-p [ –port ] | Show output for one port only |
-d <debug level> | Set debugging level |
-c [ –config ] | Config path |
-a [ –app ] | Show application layer data |
–l [ –link ] | Show link layer data |
–t [ –transport ] | Show transport layer data |
-r [ –redis ] | Show Redis messages |
-R [ –readyfile ] | Ready notification file |