...
Attribute | Description | Expected values | Mandatory |
---|---|---|---|
name | this identifies the protocol stack | iec104client, iec104server, tase2client, tase2server, 61850client, 61850server, etc... | Yes |
version | version number of the configuration file | 2 digits x.y => x = major change, y = minor change | Yes |
connection.path | array of connection paths | ||
connection.path.srv_ip | IP address to remote IEC 104 server | IP address | Yes |
connection.path.clt_ip | client IP in case of multiple network interfaces server access | IP address | No |
connection.path.port | port number to remote IEC 104 server | default = 2404 | No |
tls | activation of TLS (see tls configuration chapter for details) | TRUE, FALSE, default = FALSE | No |
k_value | Maximum number of outstanding (unacknowledged) APDU's at a given time | default = 12 | No |
w_value | Acknowledge the reception latest after this number of APDU's | default = 8 | No |
t0_timeout | time out of connection establishment | default = 10 | No |
t1_timeout | time out for send or test APDU's | default = 15 | No |
t2_timeout | time out for acknowledges in case of no data messages (t2 < t1) | default = 10 | No |
t3_timeout | time out for sending test frames | default = 20 | No |
conn_all | establish all paths within one connection at the same time (=TRUE) or only one (=FALSE) | TRUE, FALSE, default = FALSE | No |
start_all | start communication on all established paths at the same time (=TRUE) or on only one (=FALSE) | TRUE, FALSE, default = FALSE | No |
conn_passv | establish connection even in passive mode (=TRUE) or not (=FALSE) | TRUE, FALSE, default = FALSE | No |
orig_size | size of "Originator Address" | 0, 1 (byte) | No |
orig_addr | Originator Address | default = 0 | No |
ca_asdu_size | size of "Common Address of ASDU" | default = 2 (byte) | No |
ioaddr_size | size of 'Information Object Address' | default = 3 (byte) | No |
startup_time | time to wait for startup completion | default = 180 (seconds) | No |
asdu_size | maximum ASDU size in transmission direction, if set to "0" => maximum possible value is automatically used. | default = 0 (byte) | No |
gi_time | time to wait for General Interrogation (GI) completion | default = 0 (seconds) | No |
gi_cycle | send General Interrogation (GI) cyclically | TRUE, FALSE, default = FALSE | No |
gi_all_ca | send a separate GI request to every CA; otherwise a broadcast GI request is used | TRUE, FALSE, default = FALSE | No |
gi_repeat_count | repeat GI for this number of times in case it is incomplete | default = 2 | No |
disc_qual | information object quality in case of interrupted connection | IV = Invalid, NT = Not Topical, default = NT | No |
send_iv_time | time delay before infos are sent as invalid (0 = deactivated) | default = 0 | No |
tsiv | specifies what to do with a time stamp marked as 'invalid' | remove, process, default = remove | No |
utc_time | UTC timezone (=TRUE) or local timezone (=FALSE) for time conversion | TRUE, FALSE, default = FALSE | No |
comm_wttag | use commands with time tag (=TRUE) or without time tag (=FALSE) | TRUE, FALSE, default = FALSE | No |
comm_parallel | maximum number of commands to be executed at in parallel (0 = unlimited) | default = 0 | No |
exec_cycl_test | execute cyclical test requests (C_TS_NA_1/C_TS_TA_1) in monitoring direction (=TRUE) or not (=FALSE) | TRUE, FALSE, default = FALSE | No |
startup_state | startup in active mode (=TRUE) or in passive mode (=FALSE) | TRUE, FALSE, default = FALSE | No |
reverse | allow transmission of information objects in reverse direction (=TRUE) or only in standard direction (=FALSE) | TRUE, FALSE, default = FALSE | No |
...
In redundant network configuration or generally in cases where several communication paths exist between one client and one server, the path checking exploration mechanism allows the client to try all the paths one by one without making any difference between them. The client uses the first available path. On disconnection this procedure starts again from the beginning.
TLS configuration
The CS 104 standard can also be used with TLS to realize secure and authenticated connections.
3 parameters are needed to set up the TLS secured connection:
- private key file
- server certificate
- root certificate (CA)
Fledge's certificate store allows certificates to be stored and used by the south plugins.
IEC 104 exchanged ASDU configuration
...