Industrial communication protocols

Claudiu Stanciu

Abstract
Industrial communication refers to the wide range of hardware and software products and protocols used to communicate between standard computer platforms (usually PC running Microsoft Windows) and devices used in industrial automation applications. There are many communication protocols that require sophisticated hardware and software to ensure robust, reliable and real-time operation. These industrial protocols are sometimes generically referred to as fieldbus. There are many different types of equipment that basically have the same functions SIEMENS, ABB, Honeywell, Schneider etc. In order to ensure communication standardization was necessary. Keywords: industrial protocols, industrial network, IEC 60870-5 protocols

1. Introduction
In order for different devices to be able to communicate international standards were needed. These standards were developed by IEC International Electrotechnical Commission. Founded in 1906 IEC is the worlds leading organization for the preparation and publication of International Standards for all electrical, electronic and related technologies. IEC provides a platform to companies, industries and governments for meeting, discussing and developing the International Standards they require. All IEC standards are fully consensus-based and represent the needs of key shareholders participating in IEC work. The object of the IEC is to promote international co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and in addition to other activities the IEC publishes international standards. This paper will present the IEC-60870-5-101. The standard is usually combined in a project with other standards like IEC 60870-5-103 or IEC 60870-5-104 and IEC 61850. The IEC 60870-5-101 protocol applies to telecontrol equipment and systems with coded bit serial data transmission for monitoring and controlling geographically widespread processes. It defines a telecontrol companion standard that enables interoperability among compatible telecontrol equipment. The IEC 60870-5-103 protocol applies to protection equipment with coded bit serial data transmission for exchanging information with control systems. It defines a companion standard that enables interoperability between protection equipment and devices of a control system in a substation. This section of IEC 60870-5 presents specifications for the informative interface of protection equipment. This standard does not necessarily apply to equipment that combines protection and control functions in the same device sharing a single communication port. The IEC 60870-5-104 protocol provides network access for IEC 60870-5-101 using standard transport profiles.

An example of a working architecture for a wind farm that uses industrial communication protocols is presented. A server, installed in the station has the following protocols: 1. IEC 60870-5-103 that is used to gather information and command of the substation. 2. IEC 60870-5-101 that is used send information gathered from the station to the electric power transmission operator. This protocol is also used to command, from distance, the station. 3. IEC 60870-5-104 that is used to send all the data from the station to a remote, duplicate server. The IEC 60870-5-103 is installed as master on the server, and the other protocols are installed as slave. The architecture of the network is presented in the next figure.

2. Standard description
The following section will present the main characteristics of the international standard 101. 2.1 IEC 60870 5 101 The IEC 60870-5 series of standards documents consists of a number of base standard sections and an open number of companion standards. Each companion standard contains a selection of provisions taken from the base standards sections. These are tailored to suit a particular application by adding further provisions that are defined within the companion standard itself. The applications covered are all related to performing tasks needed by electric power systems, although companion standards for other types of system could also be produced. The protocol is defined with reference to a simplified version of the Basic Reference Model (ISO 7498) for system interconnection. 2.1.1 Reference model The Basic Reference Model divides a protocol into seven layers. The top three layers are directly concerned with the actual Application messages being sent between

stations. The bottom four layers are concerned with the method used to Transport these messages between stations. The simplified reference model used in the IEC 60870-5-101 standard has fewer layers, because some of the facilities supported by the full seven layer model are not required and enhanced working of the remaining facilities is desired. Hence the model is often called the Enhanced Performance Architecture (EPA) Model. Each station in an installation performs its own local application tasks, called Application Processes. For example the central (Controlling) station would drive the keyboard/display or other operator interface equipment and manage the database containing all the information about the installation, such as current values of measured variables obtained from remote outstations etc. Each outstation would have Application Processes for scanning, reading and storing its local measurements and performing local control actions etc. Communication between Application Processes in the central station and those in remote outstations is performed according to the communication protocol. The next table shows the EPA model and the selected standard definitions of the companion standard.
Selected application functions of IEC 60870-5-5 Selected application information elements IEC 60870-5-4 Selected application service data units IEC 60870-5-3 Selected transmission procedures IEC 60870-5-2 Selected transmission frame formats IEC 60870-5-5 Selected ITU-T recommendations User process

Application(layer 7)

Link (layer 2)

Physical( layer 1)

The physical layer uses ITU-T recommendations to provide binary symmetric and memoryless transmission on the required medium in order to preserve the high level of data integrity of the defined block encoding method in the link layer. The link layer consists of a number of link transmission procedures using explicit LINK PROTOCOL CONTROL INFORMATION (LPCI) that are capable of carrying APPLICATION SERVICE DATA UNITS (ASDU) as link-user data. The link layer uses a selection of frame formats to provide the required integrity/efficiency and convenience of transmission. The application layer contains a number of application functions that involve the transmission of ASDUs between source and destination. The application layer of this companion standard does not use explicit APPLICATION PROTOCOL CONTROL INFORMATION (APCI). This is implicit in the contents of the ASDU DATA UNIT IDENTIFIER field in the type of the link services used. A. Physical Layer The companion standard specifies ITU-T recommendations which define the interfaces between data circuit terminating equipment (DCE) and data terminating

equipment (DTE) of the controlling and the controlled station see next figure.

Figure 2 Interfaces and connections of controlling and controlled stations

The standard interface between DTE and DCE is the asynchronous ITU-T V.24/ITUT V.28 interface. The use of the required interface signals depends on the operational mode of the used transmission channel. Therefore the companion standard defines a selection of interchange circuits (signals) which may but need not to be used. The following fixed network configurations are supported: Point-to-point; Multiple point-to-point; Multipoint-star; Multipoint-party line; Multipoint-ring. B. Link Layer The standard offers a selection of link transmission procedures using a control field and the address field, which is optional. A link between stations may be either balanced or unbalanced, appropriate function codes being specified for both modes of operation. However if the link from a control station to several outstations is done through a common physical channel, then the communication must be in unbalanced mode in order to avoid two stations trying to transmit at the same time. The sequence in which the various stations are granted access is determined by an application layer procedure in the controlling station, as it will be presented later on. C. Application Layer A companion standard defines appropriate ASDUs from a giver general structure. These ASDUs are constructed using the definition and coding specifications for application information elements given by the standard. D. User process A companion standard contains one or more instances of these functions chosen to provide the required set of input/output application procedures to suit the

specific telecontrol system. 2.1.2 Message structure Serial messages, as viewed outside of the stations, have a nested structure which derives from the layered structure of the protocol, as seen in the following figure.

All data fields shown in the figure above consist of octet strings of one or more octets. The ASDU (Application Service Data Unit) is a block of data being sent from the Application Processes in one station to the Application Processes in another station. According to the EPA model some APCI (Application Protocol Control Information) is in general added to the ASDU to form the APDU (Application Protocol Data Unit). However the APCI is not needed in the IEC 60870-5-101 protocol, so the APDU is equal to the ASDU. The Link layer adds its own LPCI (Link Protocol Control Information) to the APDU to form the LPDU (Link Protocol Data Unit). In addition it prepares each data octet in the LPDU to be transmitted as an Asynchronous start/stop serial character having one start bit (value=0), eight data bits (the data octet), one even parity bit and one stop bit (value=1).The LPDU is transmitted as a contiguous frame with no idle line (gaps) between the asynchronous characters.
LPCI = S+L+L+S+C+A+CS+E S = Start character which has a fixed defined bit pattern. L = Length character which specifies the length in octets of the ASDU+C+A C = The Link Control character. A = The Link Address field which is one or two characters chosen to suit the installation. CS = The Check Sum character. E = End character which has a fixed defined bit pattern.

The protocol specifies that, for transmission speeds up to 1200 bits/second, the Physical layer shall convert each transmitted bit directly into one of two frequencies, representing the binary one state and the binary zero state respectively. This form of modulation is called Frequency Shift Keying (FSK) and it is both symmetrical and memoryless. It is suitable for most voice frequency analogue channels on base band transmission line, power line carrier or radio communications media. 2.1.3 Frame integrity The LPDU frame, as shown in the above figure, provides a very high data integrity (IEC Integrity Class I2). There must be at least four bit errors in a received frame before

an undetectable frame error is possible. This corresponds to a code hamming distance of four (hd=4). The frame consists of two parts which may be called the header and the body. The header contains the S+L+L+S characters and the body contains the remaining characters. Each frame is preceded and succeeded by a period of idle line (continuous binary one state). The header specifies the length of the ASDU+C+A and hence the length of the body. Due to the parity protection, at least two bit errors in the contents of any asynchronous character are required to cause an undetectable character error. In the frame body, at least two characters with undetected errors are required to produce an undetectable Sum Check error. Thus a total of four data or parity bit errors are required to produce a received frame body with a possible undetectable error. If the start bit of any asynchronous character is erroneously received as a binary one, then the start of that character will be delayed until the next binary zero bit is received. This will delay (and corrupt) the received character and, because there are no gaps between characters, it will also delay (and corrupt) all subsequent characters in the frame. This is sometimes called a sync slip. If such a sync slip occurs in the body of a received frame, the End character will be pushed into the idle line period, which succeeds the frame. This will be detected by the receiver, with a high degree of certainty, because the pattern of bits in the End character is specially chosen to differ from idle line and shifted versions of the character itself by at least four bits. The frame header has a fixed format and length. It is separately protected with hd=4 integrity against both sync slip and data/parity bit errors. This means that the receiver can rely on the length information it provides. Hence the receiver knows exactly where to look for the End character when checking the integrity of the frame body. Because the FSK modulation in the Physical layer is symmetrical, there is an equal probability of receiving erroneous binary one bits and erroneous binary zero bits. But more importantly the modulation is memoryless, which means that it does not degrade the integrity of the Link layer frame by introducing any particular erroneous bit more than once into a received frame. It is sometimes desired to transmit messages at speeds in excess of 1200 bits/second. To do this synchronous MODEMs may be used. These have bit scramblers to ensure that the receiver clock does not lose synchronization during prolonged periods without change of binary state in the data being sent. The scrambler introduces memory into the modulation and potentially degrades the integrity provided by the Link layer. However, it is has recently been proved that integrity, due to particular properties of the Link frame. In some circumstances faster transmission is possible on directly connected data circuits using digital signal multiplexers. Speeds up to 19,200 bits/sec for asynchronous characters and faster for the same characters sent isochronously are possible.

2.1.4 The use of the link and physical layers As explained above the LPDU (Link frame) contains the ASDU (Application

message) whilst it is being transmitted using FSK modulation on an analogue channel between stations. The protocol is intended for use with permanent directly connected data circuits between the central station and the outstations. These may be implemented in different ways. A multi-drop party line connection which is time shared between several or all outstations, using different Link addresses to identify individual outstations. This would normally be operated in a half-duplex mode on a single channel, sending to and receiving from each outstation in turn, using unbalanced (speak when you are spoken to) media access for the Link protocol.

Individual full duplex connections to some or all outstations, with a single v.f. channel for each direction of communication in each connection. The individual connections permit balanced media access for the Link protocol, enabling spontaneous sending of data in both directions.

media access. However practical considerations (including higher cost) may limit the extent to which full duplex balanced connections are used.

2.1.5 Application The Application layer of the protocol includes all those parts of the station Application Processes which are concerned with communicating with Application Processes in a remote station. These parts are referred to as the (protocol) User Process in the IEC 60870-5-101. The IEC 60870-5-101 standard defines two sets of provisions for the

Application protocol. The first set includes Applications functions, for example: Station initialization;
Data acquisition by polling; Cyclic data transmission; Acquisition of events; General interrogation; Clock synchronization; Command transmission; Transmission of Integrated Totals; Parameter loading; Test procedure; File transfer (for simple files); Acquisition of transmission time delay.

The second set includes the Application Service Data Units( ASDU).The protocol offers an assortment of different types of ASDU suitable for the Application. However they all have the same general format as shown in the following figure.

T = Type Identification (1 data octet) Q = Variable Structure Qualifier (1 data octet). Indicates the number of Information Objects in the ASDU or the number of Information Elements in a single Information Object. C = Cause of Transmission (1 or 2 data octets, fixed per installation) Causes include: periodic/cyclic, spontaneous, Request/Requested, Activation (of a Control action), etc. CA = Common Address (1 or 2 data octets, fixed per installation). Distinguishes the Station Address/Station Sector Address housing the Information Objects (IO1 to IOn). OA = Information Object Address (1, 2 or 3 data octets, fixed per installation). IE = Set of Information Elements (as defined for the type of ASDU specified in the T field). TT = Time Tag of Information Object (if specified for the type of ASDU specified in the T field). 2.1.6 Using the protocol The protocol is mainly concerned with standardizing provisions so that different suppliers of stations can agree a common set of provisions for a particular telecontrol installation, to ensure station interoperability. The parameters associated with the Link layer interface within stations are not defined explicitly in the standard, because the standard is not concerned with standardizing the structure of the software used to run the communication protocol. The standard permits the user of the telecontrol installation to specify/choose his own system strategy for using the protocol provisions in ways that solve his

system problems and adhere to his economic, practical and technical constraints. For example if economic considerations dictate that some or all outstations timeshare a multi-drop party line, it is necessary for the central station to have a suitable outstation data polling process. Such a polling process would reside at the Application level. However, no detailed polling process is defined in the standard because it has no peer to peer communication of its own with the outstations. It merely controls the sequence in which the standard Link functions are used to acquire any Application data that is waiting for transfer to the central station. At the end of the standard there is a checklist to enable all parties concerned with an installation to agree exactly which protocol provisions are to be used, to ensure interoperability.

3. IEC tester
An IEC tester can be used to simulate the communication using the IEC 60870-5101 standard. The main idea is to simulate the communication of a main station (server) to other stations over a network. The tester provides error messages for the port used for communication, provides settings for the length of the addresses in the communication. The tester presented below is used for testing IEC connectivity between equipments similar to SIEMENS.

4. Conclussions
This paper describes the IEC 60870-5-101 standard. These standards are mandatory in automation of applications that deal with power distribution, since they need to communicate with a third party the quantity that is produced , the quality etc. The IEC 60870-5 set of standards simplifies communication between stations and a remote server and it becomes more and more used across energy automation applications.

5. Reference
1. International Standard IEC 60870-5-101 Second Edition, 2003-02. 2. Clarke G., Reynders D. ,Practical Modern SCADA Protocols, Elsevier ,2004. 3. http://en.wikipedia.org/wiki/IEC_60870 4. http://en.wikipedia.org/wiki/IEC_60870-5 5. http://en.wikipedia.org/wiki/IEC_61850

12