...
Code Block | ||
---|---|---|
| ||
{ "protocol_stack":{ "name":"iec104server", "version":"1.0", "transport_layer":{ "redundancy_groups":[ { "connections":[ { "clt_ip":"192.168.0.10" }, { "clt_ip":"192.168.0.11" }, { "clt_ip":"10.152.1.10" }, { "clt_ip":"10.152.1.11" } ], "rg_name":"red-group-1" }, { "connections":[ { "clt_ip":"192.168.0.10" }, { "clt_ip":"192.168.0.11" }, { "clt_ip":"192.168.0.12" }, { "clt_ip":"192.168.0.14" }, { "clt_ip":"10.152.1.10" }, { "clt_ip":"10.152.1.11" }, { "clt_ip":"10.152.1.12" }, { "clt_ip":"10.152.1.13" } ], "rg_name":"red-group-2" } ], "srv_ip":"0.0.0.0", "port":2404, "tls":false, "k_value":12, "w_value":8, "t0_timeout":30, "t1_timeout":15, "t2_timeout":10, "t3_timeout":20 }, "application_layer":{ "ca_asdu_size":2, "ioaddr_size":3, "asdu_size":0, "asdu_queue_size":100, "time_sync":false, "cmd_exec_timeout":20000, "cmd_recv_timeout":5000, "cmd_dest":"broadcast", "accept_cmd_with_time":1, "filter_orig":false, "filter_list":[ { "orig_addr":1 }, { "orig_addr":2 } ] } } } |
TLS configuration
The CS 104 standard can also be used with TLS to realize secure and authenticated connections.
Parameters are needed to set up the TLS secured connection:
Attribute | Description | Expected values | Mandatory |
---|---|---|---|
private_key | server private key | valid private key | YES |
own_cert | server certificate | valid certificate | YES |
ca_certs | allows to specify the ca certificates if not included in the owner certificate | list of valid certificates | NO |
remote_certs | allows to specify the clients certificates, so if specified, only these certificates are accepted | list of valid certificates | NO |
Fledge's certificate store allows certificates to be stored and used by the south plugins.
Code Block | ||
---|---|---|
| ||
{
"private_key":"iec104_server.key",
"own_cert":"iec104_server.cer",
"ca_certs":[
{
"cert_file":"iec104_ca.cer"
},
{
"cert_file":"iec104_ca2.cer"
}
],
"remote_certs":[
{
"cert_file":"iec104_client.cer"
}
]
} |
IEC 104 datapoint representation
...