
Modbus

- SCADA protocol, automation protocol
- Developed by Gould Modicon (now Schneider) for process control systems
- Slow, but wide acceptance among instrument manufacturers and users
- Can be regarded as a de facto standard
- Modbus Plus
Modbus

- Modbus is accessed on the master/slave principle
- One master and up to 247 slaves
- Only the master initiates a transaction
- Transactions are either a query/response type, where only a single slave is addressed,
- ...or a broadcast/no-response type, where all slaves are addressed
- A transaction comprises a single query and single response frame, or a single broadcast frame
Modbus

- Fixed characteristics, e.g., frame format, frame sequences, handling of communication errors, exception conditions, etc.
- Selectable characteristics, e.g., transmission medium, transmission characteristics, etc.
- User characteristics are set at each device and cannot be changed when the system is running
- Data can be exchanged in two transmission modes:
  - ASCII: readable, used e.g. for testing
  - RTU: compact and faster; used for normal operation (hex)
Modbus Functions

- Coil control commands for reading and setting a single coil or a group of coils
- Input control commands for reading input status of a group of inputs
- Register control commands for reading and setting one or more holding registers
- Diagnostics test and report functions
- Program functions
- Polling control functions
- Reset
Modbus Message Format

- Address field: slaves, 1-247; typically one master and 2-3 slaves
- Function field: in a host request, this byte identifies the function that the target PLC is to perform
- Message field: the host requests; the PLC responds with the required data
- Error check: CRC 16, on the whole message
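The four fields above, built and parsed for RTU mode, as an added example that is not part of the original slides. The function names, the sample frame, the use of address 0 for broadcast and the exception bit 0x80 are assumptions taken from the Modbus specification rather than from this page.

```python
import struct

BROADCAST = 0        # assumption from the Modbus spec: address 0 is the broadcast address
MAX_SLAVE = 247      # highest slave address, as stated above

def crc16_modbus(data: bytes) -> int:
    """CRC-16 as used by Modbus RTU: init 0xFFFF, reflected polynomial 0xA001."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc

def build_frame(address: int, function: int, message: bytes) -> bytes:
    """Assemble address + function + message and append the CRC, low byte first."""
    body = bytes([address, function]) + message
    return body + struct.pack("<H", crc16_modbus(body))

def parse_frame(frame: bytes) -> dict:
    """Split an RTU frame into its four fields, rejecting malformed input."""
    if len(frame) < 4:                       # address + function + 2 CRC bytes
        raise ValueError("frame too short")
    body = frame[:-2]
    (received_crc,) = struct.unpack("<H", frame[-2:])
    if crc16_modbus(body) != received_crc:   # error check covers the whole message
        raise ValueError("CRC mismatch")
    address, function = body[0], body[1]
    if address > MAX_SLAVE:
        raise ValueError("address outside 0-247")
    return {
        "address": address,
        "broadcast": address == BROADCAST,
        "function": function & 0x7F,
        "exception": bool(function & 0x80),  # slaves set the top bit to signal an exception
        "message": body[2:],
    }

# Constructed sample: master asks slave 1 to read 10 holding registers from offset 0.
SAMPLE = build_frame(1, 0x03, bytes.fromhex("0000000A"))

if __name__ == "__main__":
    print(SAMPLE.hex(" "), parse_frame(SAMPLE))
    damaged = bytes([SAMPLE[0] ^ 0x01]) + SAMPLE[1:]   # one flipped bit on the wire
    try:
        parse_frame(damaged)
    except ValueError as err:
        print("rejected:", err)
```

The CRC only catches transmission errors; it uses no key, so a frame with a valid CRC carries no evidence of who sent it.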
Modbus function
Open standard

- Interoperability between multi-vendor devices
- Fewer protocols
- Reduced software costs
- No protocol translators needed (ideally)
- Less testing, maintenance and training
- Improved documentation
- Independent conformance testing may be provided
Open standard

- Easy system expansion
- Long product life
- More value-added products from vendors
- Faster adoption of new technology
- Major operations savings
Open standard

- In 1990 the three-layer EPA was adopted as the basis for telemetry data transmission in standard IEC 870, Telecontrol Equipment and Systems
- One of the early parts was IEC 870-5, Transmission Protocols
DNP3

- Distributed Network Protocol
- Designed specifically for SCADA
- Telecommunications standard that defines communications between master stations, remote telemetry units (RTUs) and other intelligent electronic devices (IEDs)
- Initially a proprietary protocol by Harris Controls Division, for use in the electrical utility industry
- In November 1993 the protocol was made available for use by third parties by transferring its ownership to the DNP3 User Group
DNP3

- DNP3 User's Group: paid
- Designed to transmit relatively small packets of data in a reliable manner, with the messages involved arriving in a deterministic sequence
- Extensive support and a large number of products
- http://www.dnp.org/
DNP3
DNP3 network topology
EPA
EPA OSI comparison
DNP3 message build up
DNP3 message build up summary

- Main features are:
  - Application functions may or may not require the passage of data
  - Commands will often require no data
  - The application layer parses the data into APDUs
  - The APDU maximum size is 2048 bytes
  - TPDU maximum size is 250 bytes
  - The data link layer adds headers and CRCs to form the LPDU
  - LPDU maximum size is 292 bytes, of which 250 bytes are data
DNP3 physical layer procedures

- Half duplex
- Full duplex
- 2 wire
- 4 wire
DNP3 communication sequence example
DNP3 frame format
Conclusion

- Only a glimpse of protocols and their functioning in this lecture
  - Other open standard: IEC 60870-5
  - Many others, e.g., fieldbus, BACnet, CAN, DeviceNet, Profibus, Profinet, Hostlink (Omron's protocol for serial link communication)
- Things to see: layer architecture, physical layer, services, frame format, interoperability, cost
- Protocol converters
- Suggested reading: "Practical SCADA Protocols...." by Clarke and Reynders
