11 DNP 3.0
Introduction
DNP3 (Distributed Network Protocol) is a set of communications protocols used between components in process automation systems. Its main use is in utilities such as electric and water companies. It was developed for communications between various types of data acquisition and control equipment. It plays a crucial role in SCADA systems, where it is used by SCADA Master Stations (a.k.a. Control Centers), Remote Terminal Units (RTUs), and Intelligent Electronic Devices (IEDs). It is primarily used for communications between a master station and RTUs or IEDs. ICCP, the InterControl Center Communications Protocol (a part of IEC-608706), is used for intermaster station communications.
Elseta’s DNP3 stack has both Master and Slave protocols implemented. Both of them are able to serve multiple serial (over physical RS485 line), TCP or TLS (over TCP) connections with high efficiency.
IEEE1815 defines 4 subset levels (14) that consist of the objects and function codes that must be supported by the master and outstation. Levels 13 are supported fully and level 4 is supported partially. To get more information about how DNP3 works and what capabilities are supported one should get a copy of protocol specification and/or check Slave Interoperability List/Configuration guides for both Master and Slave protocols.
To set up TLS connection for both DNP3 Master and Slave, refer to sections Excel configuration and Certificates. All keys and certificates should be provided in the PEM format.
If no configuration is set up, DNP3 Master and Slave services are not started.
DNP 3.0 Master
Default group and variation sets are used to send commands. If slave devices support different groups and variations, they can be adjusted in Excel configuration. For more information check section Excel configuration.
Configuring datapoints
To use DNP3 Master in WCC Lite, it has to be configured via an Excel configuration. This configuration contains two Excel sheets where parameters have to be filled in Devices and Signals.
DNP3 Master parameters for Devices tab
| Parameter |
Type |
Description |
Required |
Default value (when not specified) |
Range |
|
|
Min |
Max |
|||||
| name | string | User-friendly device name | Yes |
|
|
|
| description | string | Description of a device | No |
|
|
|
| device_alias | string | Alphanumeric string to identify a device | Yes | |||
| enable | boolean | Enabling/disabling of a device | No | 1 | 0 | 1 |
| protocol | string | Protocol to be used (”dnp3 serial”/”dnp3 tcp” (case insensitive)) | Yes | |||
| mode | string | Choosing between TCP, TLS and SERIAL modes . If protocol provided DNP3 TCP mode defaults to tcp and if DNP3 serial is provided mode defaults to serial | No | TCP or SERIAL | TCP, SERIAL | |
| host | string | IP address of TCP slave device | Yes (for TCP). | |||
| bind_address | string | IP address of network adapter used to connect to slave device | No (for TCP) | 0.0.0.0 | ||
| port | integer | TCP communication port | No (for TCP) | 20000 | ||
| device | integer | Communication port (”PORT1” or ”PORT2”) | Yes (for SERIAL) |
|||
| baudrate | integer | Communication speed, bauds/s | No (for SERIAL) |
9600 | 300, 600, 1200, 2400, 4800, 9600, 19200, 38400, 57600,115200 | |
| databits | integer | Data bit count for communication | No (for SERIAL) |
8 | 6 | 9 |
| stopbits | integer | Stop bit count for communication | No (for SERIAL) |
1 | 0 | 2 |
| parity | string | Communication parity option | No (for SERIAL) |
none | none, even, odd | |
| flowcontrol | string | Communication device flow control option. | No (for SERIAL) |
none | none | |
| tls | boolean | Enable/disable use of TLS |
Yes (for TLS) |
0 | 0 | 1 |
| tls_local_certificate | string | Local certificate for TLS connection | Yes (for TLS) | |||
| tls_peer_certificate | string | Certificate authority file for TLS connection | No (for TLS) |
|||
| tls_private_key | string | File consisting of private key for TLS connection | No (for TLS) |
|||
| max_rx_frag_size | integer | Maximum size of a received fragment. | No | 2048 | 0 | 2048 |
| destination_address | integer | Address of a master station | No | 1 | 0 | 65535 |
| source_address | integer | Address of a slave (local) station. | No | 1 | 0 | 65535 |
| unsol_disable | bool | Disables unsolicited messages on startup. Overrides unsol_classes parameter. | No | 0 | 0 | 1 |
| unsol_classes | string | Defines which classes will have unsolicited actions on startup. Can be overriden with unsol_disable. (Example: "1,3,2") | No | no class | 1 | 3 |
| groups_scan_mask | integer | Bitmask for enabling separate group scans with x06 qualifier (all objects): 0 - Binary, 1 - Doublebit Binary, 2 - Binary Output Status, 3 - Counter, 4 - Frozen Counter, 5 - Analog, 6 - Analog Output Status, 7 - Octet String |
No | 0 | 0 | 7 |
| groups_scan_interval |
integer, string |
Time between separate groups scans intervals in seconds. Set to 0 to disable. | No | 0 | 0 | |
| exception_scan_interval |
integer, string |
Time between exception scan (classes 1,2,3) intervals in seconds. Set to 0 to disable. | No | 0 | 0 | |
| integrity_scan_interval |
integer, string |
Time between integrity scan (classes 0,1,2,3) intervals in seconds (general interrogation). Set to 0 to disable. | No | 0 | 0 | |
| timesync_mode | string | Will override masters default setting for choosing timesync procedure | No |
NON-LAN(for Serial) LAN (for tcp) |
LAN, NON-LAN |
|
|
time_sync_interval_sec |
integer, string |
Periodic time sync interval in seconds. If 0 < - time syncs are forced and periodic. If = 0 - time syncs react to IIN bits from slave. If < 0 - time syncs are disabled. |
No | 0 | 0 | |
| select_ms | integer | Select command timeout. Valid for all signals. | No | 10000 | ||
| timeout_ms | integer | Response timeout in milliseconds |
No |
2000 | ||
| keep_alive_timeout | integer | Time interval for sending a keep alive packet in milliseconds. |
No | 60 | ||
DNP3 Master parameters for Signals tab
| Parameter |
Type |
Description |
Required |
Default value (when not specified) |
Range |
|
|
Min |
Max |
|||||
| signal_name | string | User-friendly signal name | Yes |
|
|
|
| device_alias | string | Device alias from a Devices tab | Yes | |||
| signal_alias | Unique alphanumeric name of the signal to be used | Yes | ||||
| enable | boolean | Enabling/disabling of a device | No | 1 | 0 | 1 |
| index | integer | Index of a signal. | Yes | 0 | 65535 | |
| log | boolean | Enable logging in event log | No | 0 | 0 | |
| signal_type | string | DNP3 signal type. (case insensitive) |
Yes |
”BINARY”, |
||
| command_variation | integer |
DNP3 command variation. |
No | 0 | 0 | 4 |
| static_variation | integer | DNP3 command variation (). Supported variations depend on signal type and are provided in table below. |
No | 0, 1, 2, 3, 4, 5, 6, 9, 10 | ||
| event_variation | integer | DNP3 command variation. Supported variations depend on signal type and are provided in table below. |
No |
0 | 8 | |
| control_code | integer |
DNP3 control model code of CROB signal. TripClose and Pulse controlmodel requires PulseOn/off times to be set |
No | LATCH, PULSE, TRIPCLOSE | ||
| pulse_on_time_ms | integer | Pulse ON time in milliseconds, when using Pulse or TripClose control models must be set | No | |||
| pulse_off_time_ms | integer | Pulse OFF time in milliseconds, when using Pulse or TripClose control models must be set | No | |||
| class_num | integer | Class assignment of this signal. | No | 0 | 0 | 3 |
| operate_type | integer | No | 1 | -1 | 1 | |
| job_todo | string | Device status signal can be configured by providing one of the given values. |
No | COMMUNICATION_STATUS, DEVICE_RUNNING, DEVICE_ERROR, UNKNOWN_ERROR |
||
Debugging the DNP3 Master service
If configuration for DNP3 devices is set up, handler for protocol will start automatically. If configuration is missing or contains errors, protocol will not start. It is done intentionally decrease unnecessary memory usage.
DNP3 protocol runs a service called dnp3-master. If DNP3 does not work properly (e.g. no communication between devices, data is corrupted, etc.), a user can launch a debug session from command line interface and find out why link is not functioning properly. To launch a debugging session, a user should stop dnp3-master process and run dnp3-master command with respective flags as in the table given below.
Procedure for DNP3 Master protocol service debugging:
- Step 1: Service must be stopped by entering the following command into the wcclite:
/etc/init.d/dnp3-master stop - Step 2: After service is stopped it must be started with the preferred configuration file (JSON files found in /etc/ folder) and a debug level 7: dnp3-master -c /etc/dnp3-master/dnp3master.json -d7Additional output forming options described in the table below.
- Step 3: Once the problem is diagnosed normal operations can be resumed with the following command: /etc/init.d/dnp3-master start
dnp3-master command line debugging options
| Option | Description |
| -h [ –help ] | Display help information |
| -V [ –version ] | Show version |
| -p [ –port ] | Show output for one port only |
| -d <debug level> | Set debugging level |
| -c [ –config ] | Config path |
| -a [ –app ] | Show application layer data |
| –l [ –link ] | Show link layer data |
| –t [ –transport ] | Show transport layer data |
| -r [ –redis ] | Show Redis messages |
| -R [ –readyfile ] | Ready notification file |
DNP 3.0 Slave
Default group and variation sets are used to send static and event values. If master devices support different groups and variations, they can be adjusted in Excel configuration. Wcc-Lite supported variations are provided in: Static and Event variations and Command variations.
DNP3 Slave parameters for Devices tab
| Parameter |
Type |
Description |
Required |
Default value (when not specified) |
Range |
|
|
Min |
Max |
|||||
| name | string | User-friendly device name | Yes |
|
|
|
| description | string | Description of a device | No |
|
|
|
| device_alias | string | Alphanumeric string to identify a device | Yes | |||
| enable | boolean | Enabling/disabling of a device | No | 1 | 0 | 1 |
| protocol | string | Protocol to be used. | Yes |
dnp3 tcp slave dnp3 serial slave |
||
| mode | string | Choosing between TCP, TLS and SERIAL modes. If protocol provided DNP3 TCP mode defaults to tcp and if DNP3 serial is provided mode defaults to SERIAL | No | TCP or SERIAL | TCP, SERIAL, TLS | |
| host | string | IP address of TCP slave device | Yes (for TCP). | |||
| bind_address | string | IP address of network adapter used to connect to slave device | No (for TCP) | 0.0.0.0 | ||
| port | integer | TCP communication port | No (for TCP) | 20000 | ||
| device | integer | Communication port (”PORT1” or ”PORT2”) | Yes (for SERIAL) |
|||
| baudrate | integer | Communication speed, bauds/s | No (for SERIAL) |
9600 | 300, 600, 1200, 2400, 4800, 9600, 19200, 38400, 57600,115200 | |
| databits | integer | Data bit count for communication | No (for SERIAL) |
8 | 6 | 9 |
| stopbits | integer | Stop bit count for communication | No (for SERIAL) |
1 | 0 | 2 |
| parity | string | Communication parity option | No (for SERIAL) |
none | none, even, odd | |
| flowcontrol | string | Communication device flow control option. | No (for SERIAL) |
none | none | |
| tls | boolean | Enable/disable use of TLS |
Yes (for TLS) |
0 | 0 | 1 |
| tls_local_certificate | string | Local certificate for TLS connection | Yes (for TLS) | |||
| tls_peer_certificate | string | Certificate authority file for TLS connection | No (for TLS) |
|||
| tls_private_key | string | File consisting of private key for TLS connection | No (for TLS) |
|||
| max_tx_frag_size | integer | Maximum size of a received fragment. | No | 2048 | 0 | 2048 |
| destination_address | integer | Address of a master station | No | 1 | 0 | 65535 |
| source_address | integer | Address of a slave (local) station. | No | 1 | 0 | 65535 |
| unsol_classes | string | Defines which classes will have unsolicited actions on startup. Can be overriden with unsol_disable. (Example: "1,3,2") | No | no class | 1 | 3 |
|
time_sync_interval_sec |
integer, string |
Periodic time sync interval in seconds. If 0 < - time syncs are forced and periodic. If = 0 - time syncs react to IIN bits from slave. If < 0 - time syncs are disabled. |
No | 0 | 0 | |
| select_ms | integer | Select command timeout. Valid for all signals. | No | 10000 | ||
| timeout_ms | integer | Response timeout in milliseconds |
No |
2000 | ||
| keep_alive_timeout | integer | Time interval for sending a keep alive packet in milliseconds. |
No | 60 | ||
DNP3 Slave parameters for Signals tab
| Parameter |
Type |
Description |
Required |
Default value (when not specified) |
Range |
|
|
Min |
Max |
|||||
| signal_name | string | User-friendly signal name | Yes |
|
|
|
| device_alias | string | Device alias from a Devices tab | Yes | |||
| signal_alias | Unique alphanumeric name of the signal to be used | Yes | ||||
| enable | boolean | Enabling/disabling of a device | No | 1 | 0 | 1 |
| index | integer | Index of a signal. | Yes | 0 | 65535 | |
| log | bolean | Enable logging in event log | No | 0 | 0 | |
| deadband | double | Deadband for Analog, Analog Output Status, Counter, Frozen Counter signals. | No | 0 | ||
| signal_type | string | DNP3 signal type. (case insensitive) |
Yes |
”BINARY”, |
||
| command_variation | integer |
DNP3 command variation. Supported variations depend on signal type and are provided in table below |
No | 0 | 0 | 4 |
| static_variation | integer | Override default signal’s static variation. Valid for Status mode signals. | No | 0, 1, 2, 3, 4, 5, 6, 9, 10 | ||
| event_variation | integer |
Override default signal’s event variation. Valid for Status mode signals. |
No |
0 | 8 | |
| control_code | integer |
DNP3 control model code of CROB signal. TripClose and Pulse controlmodel requires PulseOn/off times to be set |
No | LATCH, PULSE, TRIPCLOSE | ||
| pulse_on_time_ms | integer | Pulse ON time in milliseconds, when using Pulse or TripClose control models must be set | No | |||
| pulse_off_time_ms | integer | Pulse OFF time in milliseconds, when using Pulse or TripClose control models must be set | No | |||
| class_num | integer | Class assignment of this signal. | No | 0 | 0 | 3 |
| operate_type | integer |
Default command behaviour. IF selected ”-1” - DirectOperateNoAck, ”0” - DirectOperate, "1" - SelectBeforeOperate. |
No | 1 | -1 | 1 |
| job_todo | string | Device status signal can be configured by providing one of the given values. |
No | COMMUNICATION_STATUS, DEVICE_RUNNING, DEVICE_ERROR, UNKNOWN_ERROR |
||
Command variations
| Signal Type | Available Command Variation | Default Command Variation |
| Binary Output Command (Group12) | 0, 1 | 1 |
| Analog Output Command (Group41) | 0, 1, 2, 3, 4 | 1 |
Static and Event variations
| Signal Type | Available Variations | Default Variations |
| Binary | Static variation (Group1) 1, 2 Event variation (Group2) 1, 2, 3 |
Static variation 2 Event variation 1 |
| Double Binary | Static variation (Group3) 1, 2 Event variation (Group4) 1, 2, 3 |
Static variation 2 Event variation 1 |
| Binary Output Status | Static variation (Group10) 2 Event variation (Group11) 1, 2 |
Static variation 2 Event variation 1 |
| Counter | Static variation (Group20) 1, 2, 5, 6 Event variation (Group22) 1, 2, 5, 6 |
Static variation 1 Event variation 1 |
| Frozen Counter | Static variations (Group21) 1, 2, 5, 6, 9,10 Event variation (Group23) 1, 2, 5, 6 |
Static variation 1 Event variation 1 |
| Analog | Static variation (Group30) 1, 2, 3, 4, 5, 6 Event variation (Group32) 1, 2, 3, 4, 5, 6, 7, 8 |
Static variation 1 Event variation 1 |
| Analog Output Status | Static variation (Group40) 1, 2, 3, 4 Event variation (Group42) 1, 2, 3, 4, 5, 6, 7, 8 |
Static variation 1 Event variation 1 |
| Time and Interval | Static variation (Group50) 1 | Static variation 1 |
| Octet String | Static variation (Group110) 0 Event variation (Group111) 0 |
Static variation 0 Event variation 0 |
Debugging the DNP3 Slave service
If configuration for DNP3 devices is set up, handler for protocol will start automatically. If configuration is missing or contains errors, protocol will not start. It is done intentionally decrease unnecessary memory usage.
DNP3 protocol runs a service called dnp3-slave . If DNP3 does not work properly (e.g. no communication between devices, data is corrupted, etc.), a user can launch a debug session from command line interface and find out why link is not functioning properly. To launch a debugging session, a user should stop dnp3-slave process and run dnp3-slave command with respective flags as in the table given below.
Procedure for DNP3 Master protocol service debugging:
- Step 1: Service must be stopped by entering the following command into the wcclite:
/etc/init.d/dnp3-slave stop - Step 2: After service is stopped it must be started with the preferred configuration file (JSON files found in /etc/ folder) and a debug level 7: dnp3-slave -c /etc/dnp3-slave/dnp3slave.json -d7 Additional output forming options described in the table below.
- Step 3: Once the problem is diagnosed normal operations can be resumed with the following command: /etc/init.d/dnp3-slave start
dnp3-slave command line debugging options
| Option | Description |
| -h [ –help ] | Display help information |
| -V [ –version ] | Show version |
| -p [ –port ] | Show output for one port only |
| -d <debug level> | Set debugging level |
| -c [ –config ] | Config path |
| -a [ –app ] | Show application layer data |
| –l [ –link ] | Show link layer data |
| –t [ –transport ] | Show transport layer data |
| -r [ –redis ] | Show Redis messages |
| -R [ –readyfile ] | Ready notification file |