Comparison of DNP3 and IEC 61850 communication protocols
Enrique Quintero
Abstract
In today’s world, there are many choices for implementing a supervisory data and control
protocol in the field making it difficult to select the proper supervisory data and control
protocol for a specific application. Nowadays, all supervisory data and control protocols have
advantages and disadvantages that allows engineers to have a general idea regarding how a
supervisory data and control protocol works. This paper will give you a general insight on the
operation of DNP3 and IEC 61850 as well as the general idea of some similarities and
differences by comparing DNP3 and IEC 61850 protocols which so far are the most popular
protocols accepted in the industry.
Introduction
The boom of technology was taking place during the 1970’s. During this time utility industries
began to see the need to have systems that could be monitored and controlled without human
intervention. As a result, many companies began inventing their own data communication
protocols (close protocols) that fulfilled that need. The idea was very successful until the
companies started to realize that having only one specific communication protocol that was
device specific was not very efficient. The lack of compatibility between protocols and devices
ended with an interoperability problem of data communication protocols. A few years later,
industry and vendors recognized the problem and started proposing solutions to the
interoperability problem until they arrived at a final solution. So, in 1985 vendors and
organizations dedicated to the advancement of technology such as Institute of Electrical and
Electronics Engineers (IEEE), Electric Power Research Institute (EPRI) and International
Electrotechnical Commission (IEC) had several meetings with the main objective of discussing
the interoperability problem in data communication protocols. The conclusion of these
meetings was that communication protocols for real time data needed to be standardized. In
1988, the first standardized protocol emerged which was the IEC 870. In 1990 taking the IEC
870 protocol as the basis, three paths took place in parallel. The first path developed what we
know today as utility communication architecture (UCA) and IEC 61850, the second path
developed what we know today as IEC 60870, and the third path developed what we know
today as Distributed Network Protocol version 3 (DNP3). As a result, the standardization of
communication protocols started its long journey. Today communication protocols are
compatible with various devices from different manufactures.
IEC 61850 (Generic Object Oriented Substation Event) protocol
IEC 61850 (GOOSE) is an unsolicited event‐driven peer‐to‐peer communication protocol that
defines communication between one UCA compliant Electronic Intelligent Device to another
UCA compliant Electronic Intelligent Device. IEC 61850 is a collection of standards with the main
objective of being compactible with many third party applications. IEC 61850 has standardized
names, meaning of data, abstract services, and device behavior model. In IEC 61850 all mapping
of abstract services and models are specifically for control and monitoring, protection, and
transducers. In IEC 61850 protocol, the publisher broadcast a GOOSE message to all
subscribers. When the subscriber sees the message it has two options: captures the message or
ignore it. In IEC 61850 all data is originated at the source which helps the implementation by
minimizing wiring.
IEC 61850 (GOOSE) Layers
IEC 61850 (GOOSE) layered architecture is conformed according to the Utility Communication
Architecture (UCA). The Utility Communication Architecture consists of definitions of generic
object models and the instructions to create new models. The UCA protocol is divided into
three basic building blocks: the uniform communication infrastructure, the uniform application
interface, and the uniform data model.
The UCA’s first building block is the Uniform Communication Infrastructure which contains the
communication layers. Uniform communication Infrastructure uses UCA2 protocol that is
divided into three layers named L profiles, T profiles and A profiles. L profile layers correspond
to the OSI physical and data link layer. The L profile allows LAN, WAN, or asynchronous serial
data link control for multi‐drop links for SCADA monitoring and control systems. L profile
services are establishing and maintaining channel communication, error detection, data
control, connect, disconnect, send, receive and status. T profile layer correspond to the OSI
network and transport layers. T profile provides end‐to‐end delivery of whole message. T
profile services include routing, disassembly and reassembly of GOOSE packets and GOOSE
message error detection. UCA2 provides two options at T profile, one is using the ISO network
and transport standards for LAN and WAN protocols and the second one is using the IETF
network and transport standards for multi‐drop serial data link infrastructure. The A profile
layer correspond to the ISO presentation, session and application layers. A profile layer is the
most robust layer because it is responsible for generating the requested data by using the lower
layers to achieve end‐to‐end transmission of the GOOSE messages and also providing services
at the application layer of UCA2 compliant Electronic Intelligent Devices. A profile uses two
applications the Abstract Communication Services Interface (ACSI) and the Manufacturing
Message Specification (MMS). Abstract Communication Services Interface (ACSI) application
establishes and releases communication connections between application functions and
communication functions. The Manufacturing Message Specification (MMS) application
provides message structure, message syntax, and message dialog procedures for monitoring
and controlling information communication.
The UCA’s second building block is the Uniform Data Model. Uniform data model contains
service model applications such as event model, device control model, data access control
model, association model, security model, time model, multicast services model, and BLOB
model. All these model applications exchange information between them by using the Common
Application Service Model (CASM) that provides a standard set of communications functions
and other data handling between object model applications.
The UCA’s third building block is the uniform data model. Uniform data model contains logical
devices, bricks, components data classes and data attributes in order to collect the specific
information from the UCA compliant Electronic Intelligent Devices. Uniform data model
standards allow the extraction of data from the UCA compliant Electronic Intelligent Device to
obtain the required information.
IEC 61850 (GOOSE) Message Structure
An IEC 61850 GOOSE message is created by the Manufacturing Messaging Specification (MMS)
protocol. There are MMS applications for Remote Terminal Unit (RTU), Energy Management
System (EMS), and other Electronic Intelligent Device (EID). MMS provides a set of services for
peer‐to‐peer real time real time communications over a network. MMS standards can be
divided into two parts. MMS part 1 is the service specification. Service specification includes
virtual manufacturing device definition (VMD), the services or messages exchanged between
nodes on a network, and the attributes and parameters associated with the VMD and services.
MMS part 2 is the protocol specification. Protocol specification defines the rules of
communication including the sequence of messages across the network, the format or
encoding of the messages and the interaction of MMS with other UCA OSI layers. A GOOSE
message can be event‐driven or sent once every minute. Each GOOSE message has its own text
ID name and special multicast Ethernet destination address. GOOSE message has one special
characteristic: the Hold Time function which defines how long to consider a message valid.
IEC 61850 (GOOSE) Message Transmission
In IEC 61850 a GOOSE message has to first go through UCA object hierarchy and then through
UCA communication protocol layers. Then, when UCA compliant electronic intelligent device
senses that one status or event changed its state the object models create the status or event
object and then MMS protocol creates a GOOSE message. There are several steps to creating a
GOOSE message. First, at the UCA compliant device, the status or event is converted into an
integer value which is called data attribute. Second, the data attribute is sent into a component
data class which is a collection of information within a brick. Third, the component data class
information is included in a brick (small data object). Fourth, the brick is send into a logical
device that provides information to the rest of the logical devices using Common Application
services Models (CASM). Fifth, the brick is sent from the logical device to the Abstract
Communication Services Interface (ACSI) application in order to be transferred to the UCA
communication profiles. Sixth, the brick is transformed into a GOOSE message by the MMS.
Seventh, MMS sends the GOOSE message to the lower communication layers such as network,
transport, data link and physical layers (Profiles). Now a GOOSE message has been created and
ready to multicast to the other networked UCA compliant devices. In this situation, the UCA
compliant device broadcast the GOOSE message to other UCA compliant devices which decide
to take the GOOSE message or ignore it.
IEC 61850 Security
IEC 62351 defines security for IEC 61850. IEC 62351‐3 defines how to secure TCP/IP‐based
protocols for real‐time data protocols. IEC 6235‐4 defines how to secure Manufacturing
Message Specification (MMS) based protocols. Security objectives include authentication of
data transfer through digital signatures, and intrusion detection.
DNP3 Protocol
DNP3 is a communication protocol version 3.3. DNP3 communication is defined as
communication between master stations, remote terminal unit (RTU) and any other Electronic
Intelligent Device (EID) programmed to be compatible with DNP3. DNP3 allows multiple
topologies such as point‐to‐point communication (Master‐Slave), multi‐drop from one master,
and multiple masters. DNP3 allows EID’s to be synchronized with a master unit clock. DNP3
data can be encapsulated to be transported using the TCP/IP protocol.
DNP3 Layers
DNP3 layered architecture is conformed to the International Electrotechnical Commission (IEC)
Enhance Performance Architecture. DNP3 uses three main layers such as application, data link,
and physical, but add some pseudo transport and network functions.
Application layer is the highest layer in charge of generating the requested data (Data Object),
it uses the lower layers to achieve end‐to‐end transmission of the DNP3 messages, and provides
services to user application programs such as Human Machine Interface (HMI), Remote
Terminal Unit (RTU), Energy Management System (EMS) and other Electronic Intelligent
devices. Data link layer is responsible for providing reliability in the communication of the
messages or frames by controlling the data flow and detecting data errors. Services provided by
the data link are establishing and maintaining the communication channel, report channel
status to higher layers and detect and correct data error during transmission. The physical layer
is the physical media which the communication protocol uses for the transmission of bits. The
physical media has separated standards for the transmission of data such as ITU‐T X.21, DTE‐
DCE V.24, EIA RS 232, and LAN. The services provide by the physical media are connect,
disconnect, send, receive and status.
The pseudo transport and network layers are responsible for providing end‐to‐end delivery of
whole messages including data packets disassembly and reassembly, packet routing, packet
flow control and packet data error detection over networks.
DNP3 Message Structure
DNP3 data and control information is created at the application layer into data objects. The
collection of data objects is called a library. Each data object has a structure defined by DNP3
documentation. There are 90 data objects described in the DNP3 Basic Four Documentation.
Object group 0‐9 is binary input object that represents the state of physical input or a software
input. Object group 10‐19 is binary output object that represent software or hardware physical
outputs, control option like pulse on, pulse off, latch on and latch off. Object group 20‐29 is
counter object that represents accumulation of pulses from the last time their value is
reported. Object group 30‐39 is analog input that represents hardware or software analog
input. Object group 40‐49 is analog output that represents the value of the output. Object
group 50‐59 is time object that represents the time and date of the object. Object group 60‐69
is a class object that represents calling or requesting for objects of a specific class. Object group
70‐80 is a file object that represents a file identifier data object. Object group 80‐90 is a device
object that represents device data flags.
DNP3 Message Transmission
In DNP3 each layer takes the data object and adds the services performed by that layer to the
data packet and then sends the data packet into the lower layers. The data object may be an
alarm, event, status, or control signal that needs to be send from the master to IED or vice
versa. The application layer initially converts the original data object into manageable size
packets called application service data units (ASDU’s). Then application layer creates an
application protocol data unit (APDU’s) by combining the application layer services information
header with application service data units. Finally, the APDU is sent to the transport layer. At
the transport data layer, the APDU changes its name to transport service data units (TSDU’s). In
the transport layer the transport service data unit (TSDU) is spliced into smaller units called
transport protocol data units (TPDU). Finally the TPDU is sent to the data link layer. At the data
link layer, the TPDU is combined with a data link header and finally sent to the physical layer. At
the physical layer each packet is converted into an analog representation of a bit stream that is
transmitted utilizing protocols such as bit serial asynchronous, 8 data bits, start and stop bits,
parity, RS 232C or CCIT V.24 (DTE‐DCE).
DNP3 Security
DNP3 was never designed with security mechanisms in mind, so the protocol lacks security.
One way to use security in DNP3 protocol is to implement DNP3 over IP and add IP security
standards such as IPsec. Currently, many people are proposing security methods for DNP3
protocol
Comparing DNP3 and IEC 61850 protocols
1. Overview of protocols
DNP3 is a protocol that defines communication between master stations, remote terminal units
and other electronic intelligent devices. DP3 is an open protocol that makes easier third party
applications to access information from multiple EID’s from multiple vendors. IEC 61850 is an
open communication protocol that defines communication between client/server and other
electronic intelligent devices. The main key in IEC 61850 is that this protocol separates the
application functions from communication functions. IEC 61850 is also a protocol that makes
easier third party applications to access information from multiple EID’s from multiple vendors.
2. Polling options
DNP3 has two ways of gathering information. The first type is polling, master request all events
(changes) to slaves. The second type is unsolicited, the master never polls and relies on
unsolicited reports only from the slaves. IEC 61850 is unsolicited (event‐driven), electronic
intelligent devices send information only when an event changes or once every minute to
maintain up to date new devices joining the network.
3. Layered architecture
DNP3 layered architecture is conformed through the International Electrotechnical Commission
(EIC). DNP3 layers are physical, data link and application. IEC 61850 layered architecture is
conformed through Utility Communication Architecture (UCA). IEC 61850 layer L profile, T
profile and A profile.
4. Communication
DNP3 supports peer‐to‐peer communication (master‐slave), works on serial communication RS
232, RS 485, fiber serial loop and fiber serial start configuration and also operate over IP and
networks which often is referred as DNP3 over IP. IEC 61850 support peer‐to‐peer
communication (EID‐EID) and operates over IP and networks.
5. Features
DNP3 sends and receives data objects often named points such as status information about
devices (binary inputs), analog information (analog inputs), accumulator information (counters),
set points (analog outputs), and controls (binary outputs), supports time synchronization as
well as time stamped of events when they occur, reports static data (current value) and event
data (with or without time stamped). IEC 61850 sends and receives data objects often called
bricks with status and event information, supports process bus that helps to minimize wiring
requirements to equipment by converting status and analog information into bricks at the
source, provides a highly functional object oriented solution designed to support
implementation and maintenance of automation applications, supports high speed peer‐to‐
peer messaging using the Generic Object Oriented Substation Event (GOOSE) and Generic
Substation Status Event (GSSE), supports many different protocols because maps the objects
and abstract communication services to MMS which has a robust set of features that maps well
IEC 61850 objects and services.
Security
DNP3 protocol lacks security standards. IEC 61850 has IEC 62351 protocol that provides all the
necessary standards for encryption, digital signatures and intrusion detection for IEC 61850
protocol.
Conclusion
Both IEC 61850 and DNP3 are based on data objects concepts. However, IEC 61850 is a more
robust communication protocol than DNP3. IEC 61850 contains a collection of multiple
protocols, concepts and component standards that make IEC 61850 probably more than a
communication protocol. On the other side, DNP3 is a simpler standard focused on three layers
and one object library. However, DP3 may be better to be implemented because it is
compatible with legacy and modern SCADA equipment. In general, both communication
protocols have different way of communicating the data IEC 61850 more complex than DNP3,
but they both do the same real‐time data collection function.
Personally, when I started this class I did not know a lot about DNP3 or IEC 61850. After
completing this paper not only am I able to understand DNP3 and IEC 61850, I am also able to
understand and apply how a real‐time data protocol works. That alone was one of the main
reasons for taking this class. In completing this assignment there were two main challenges.
The first was translating complex concepts into simple terms. My second challenge was to
condense a lot of information into in five page document.
References
[1] Clark Gordon and Reynders Deon, Practical Modern SCADA Protocols, Newnes, 2004.
[2] Stallings William, Data and Computer Communications,” Pearson, 9th edition, 2011
[3] Woodward Darold, “The Hows and Whys of Ethernet Networks in Substations,” Schweitzer
Engineering Laboratories, Pullman, WA, USA.
[4] “Overview and Introduction to the Manufacturing Messaging Specification (MMS),” System
Integration Specialist Company, Inc., 1995.
[5] “DNP3,” Subnet Solutions, Inc., 2012